CVE-2015-4191

Name of the Vulnerable Software and Affected Versions Cisco IOS XR version 5.2.1

Description A vulnerability in IP version 6 (IPv6) processing could allow an unauthenticated, remote attacker to cause a reload of the ipv6 io service. The issue is due to improper processing of a malformed IPv6 packet by a device configured to process such packets. An attacker could exploit this by sending a malformed IPv6 packet to a device configured for IPv6. To exploit this, an attacker may need additional information about the targeted device, such as its IPv6 configuration.

Recommendations For Cisco IOS XR version 5.2.1, update to a newer version that includes the fix for this issue, as confirmed by Cisco. As a temporary workaround, consider restricting access to IPv6 packets or disabling IPv6 processing on the device until a patch is applied.