CVE-2021-1440

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software (affected versions not specified)

Description A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This is due to the incorrect handling of a specific RPKI to Router (RTR) Protocol packet header. An attacker could exploit this vulnerability by compromising the RPKI validator server and sending a specifically crafted RTR packet to an affected device, or by using man-in-the-middle techniques to impersonate the RPKI validator server and send a specifically crafted RTR response packet over the established RTR TCP connection to the affected device. A successful exploit could allow the attacker to cause a DoS condition because the BGP process could constantly restart and BGP routing could become unstable.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.