PT-2025-11097 · Cisco · Cisco IOS XR

Published: 2024-09-02 · Updated: 2025-08-06 · CVE-2025-20141

CVSS v3.1: 7.4 High
Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software version 7.9.2
Description: A vulnerability in the handling of specific packets that are punted from a line card to a route processor could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. This issue is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition.
Recommendations: For Cisco IOS XR Software version 7.9.2, consider applying a patch or update to fix the issue with handling specific packets punted from a line card to a route processor. As a temporary workaround, restrict access to the route processor to minimize the risk of exploitation. Avoid sending traffic that must be handled by the Linux stack on the route processor to the affected device until the issue is resolved.

Fix

DoS

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

BDU:2025-02696
CVE-2025-20141

Affected Products

Cisco IOS XR