SB2021020336 - Denial of service when processing telnet and ICMP packets in Cisco IOS XR



Published: February 3, 2021

Security Bulletin ID: SB2021020336
Severity: Medium
Patch available: YES
Number of vulnerabilities: 2
Exploitation vector: Remote access
Highest impact: Denial of service

Breakdown by Severity

Medium 100%

Description

This security bulletin contains information about 2 security vulnerabilities.


1) Resource management error (CVE-ID: CVE-2021-1288)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the ingress packet processing function of Cisco IOS XR Software when processing Telnet protocol packets. A remote attacker can send specially crafted Telnet packets to the affected system and crash the ENF_BROKER process.


2) Memory leak (CVE-ID: CVE-2021-1313)

The vulnerability allows a remote attacker to perform a DoS attack on the target system.

The vulnerability exists due to a memory leak in the ingress packet processing function of Cisco IOS XR Software when processing ICMP or Telnet protocol packets. A remote attacker can send specially crafted packets to the affected system, trigger a memory leak within the ENF_BROKER process and perform a denial of service (DoS) attack.


Remediation

Install the update from the vendor's website.