Cisco: CISCO-SA-20150622-CVE-2015-4199
Jun 22, 2015 - 2:53 p.m.

Cisco IOS Software UBR Devices IPv6 to IPv4 Subsystem Denial of Service Vulnerability

2015-06-22 14:53:04
tools.cisco.com

CVSS2: 7.1

Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS: 0.002
Percentile: 62.2%

A vulnerability in the IPv6 to IPv4 subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a Performance Routing Engine (PRE) crash on a targeted system, resulting in a denial of service (DoS) condition.

The vulnerability is due to a race condition that may cause a NULL pointer to be freed. An attacker could exploit this vulnerability by submitting crafted content, designed to trigger the race condition, to a targeted device. A successful exploit could cause a PRE module on the device to crash, resulting in a DoS condition.

Cisco has confirmed the vulnerability and released software updates.

An attacker would need to cause hundreds of IPv6-enabled customer premises equipment (CPE) devices to drop and reestablish connectivity with the affected UBR simultaneously and repeatedly over a period of time. This requirement would make it difficult to achieve a successful exploit.
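
The precondition described above (many IPv6 CPEs dropping and reconnecting at once, repeatedly) is also what a defender can watch for. The following is an added example, not Cisco code: the `(timestamp, cpe_id, state)` event tuples, the sample data and all four thresholds are assumptions, since the advisory only says "hundreds" and "repeatedly".

```python
from collections import defaultdict

# Assumed thresholds; tune to the size of the CMTS population being monitored.
MIN_CPES_PER_BURST = 200   # distinct CPEs reconnecting together ("hundreds")
BUCKET_SECONDS = 10        # what counts as "simultaneously"
MIN_BURSTS = 3             # what counts as "repeatedly"
OBSERVATION_SECONDS = 600  # the "period of time" the bursts must fall within


def find_flap_bursts(events):
    """events: iterable of (epoch_seconds, cpe_id, state), state 'offline'/'online'.
    Returns sorted bucket start times in which at least MIN_CPES_PER_BURST
    distinct CPEs completed a drop followed by a reconnect."""
    went_offline = set()
    reconnects = defaultdict(set)
    for ts, cpe, state in sorted(events):
        if state == "offline":
            went_offline.add(cpe)
        elif state == "online" and cpe in went_offline:
            went_offline.discard(cpe)
            reconnects[ts - ts % BUCKET_SECONDS].add(cpe)
    return sorted(b for b, cpes in reconnects.items()
                  if len(cpes) >= MIN_CPES_PER_BURST)


def is_suspicious(events):
    """True when MIN_BURSTS bursts fall inside one OBSERVATION_SECONDS span.
    A single mass reconnect (outage, maintenance) does not trigger."""
    bursts = find_flap_bursts(events)
    for i in range(len(bursts) - MIN_BURSTS + 1):
        if bursts[i + MIN_BURSTS - 1] - bursts[i] <= OBSERVATION_SECONDS:
            return True
    return False


def constructed_sample(n_cpes, rounds, gap):
    """Constructed test data: n_cpes devices drop and return, `rounds` times,
    with `gap` seconds between rounds. Not a real device log format."""
    events = []
    for r in range(rounds):
        base = 1_000_000 + r * gap
        for i in range(n_cpes):
            events.append((base, f"cpe-{i:04d}", "offline"))
            events.append((base + 3, f"cpe-{i:04d}", "online"))
    return events


if __name__ == "__main__":
    print(is_suspicious(constructed_sample(300, 4, 60)))
```
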
