PT-2021-4047 · Cisco · Cisco IOS XR

Published: 2021-09-08 · Updated: 2022-10-25 · CVE-2021-34720

CVSS v3.1: 8.6 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco IOS XR Software (affected versions not specified)

Description

A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This issue exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this by sending specific IP SLA or TWAMP packets to an affected device, potentially impacting other processes like routing protocols or crashing the IP SLA process.

Recommendations

For Cisco IOS XR Software, update to a version that includes the fix for this issue, as software updates have been released to address this vulnerability. At the moment, there is no information about specific versions that contain a fix for this vulnerability.

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2021-04575
CVE-2021-34720

Affected Products

Cisco IOS XR