CVE-2018-0241

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software versions 6.3.1, 6.2.3, or earlier releases

Description: A vulnerability in the UDP broadcast forwarding function could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The issue is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this by sending multiple UDP broadcast packets to the affected device, potentially causing a buffer leak and resulting in a DoS condition that requires manual intervention to recover.

Recommendations: For Cisco IOS XR Software versions 6.3.1, 6.2.3, or earlier releases, update to a newer version that addresses this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability, however, Cisco has released software updates that address this issue.