CVE-2024-20304

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software versions prior to 24.2.11

Description A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to exhaust the incoming UDP packet memory, possibly causing a denial of service (DoS) condition. This vulnerability can be exploited using IPv4 or IPv6.

Recommendations For Cisco IOS XR Software versions prior to 24.2.11, upgrade to a fixed version to mitigate the risk of remote exploitation. As a temporary workaround, consider restricting access to the Mtrace2 feature until a patch is available. Avoid using the Mtrace2 feature in IPv4 or IPv6 environments until the issue is resolved.