CVE-2024-20317

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms (affected versions not specified)

Description A vulnerability in the handling of specific Ethernet frames could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition. This issue is due to incorrect classification of certain types of Ethernet frames received on an interface. An attacker could exploit this by sending specific types of Ethernet frames to or through the affected device, potentially causing control plane protocol relationships to fail.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.