CVE-2024-20318

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software (affected versions not specified)

Description A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service (DoS) condition. This issue is due to the incorrect handling of specific Ethernet frames received on line cards with the Layer 2 services feature enabled. An attacker could exploit this by sending specific Ethernet frames through an affected device, potentially causing the ingress interface network processor to reset and resulting in a loss of traffic over the supported interfaces. Multiple resets could cause the line card to reset, leading to a DoS condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.