CVE-2024-20318

2024-03-1316:46:24

cisco

github.com

cisco

vulnerability

dos

ethernet

services

layer 2

software

7.4 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

JSON

A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service (DoS) condition.

This vulnerability is due to the incorrect handling of specific Ethernet frames that are received on line cards that have the Layer 2 services feature enabled. An attacker could exploit this vulnerability by sending specific Ethernet frames through an affected device. A successful exploit could allow the attacker to cause the ingress interface network processor to reset, resulting in a loss of traffic over the interfaces that are supported by the network processor. Multiple resets of the network processor would cause the line card to reset, resulting in a DoS condition.

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco IOS XR Software",
    "versions": [
      {
        "status": "affected",
        "version": "6.5.2"
      },
      {
        "status": "affected",
        "version": "6.5.3"
      },
      {
        "status": "affected",
        "version": "6.6.2"
      },
      {
        "status": "affected",
        "version": "6.6.3"
      },
      {
        "status": "affected",
        "version": "6.6.25"
      },
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.0.2"
      },
      {
        "status": "affected",
        "version": "7.1.1"
      },
      {
        "status": "affected",
        "version": "7.1.15"
      },
      {
        "status": "affected",
        "version": "7.1.2"
      },
      {
        "status": "affected",
        "version": "7.1.3"
      },
      {
        "status": "affected",
        "version": "6.7.1"
      },
      {
        "status": "affected",
        "version": "6.7.2"
      },
      {
        "status": "affected",
        "version": "6.7.3"
      },
      {
        "status": "affected",
        "version": "7.3.1"
      },
      {
        "status": "affected",
        "version": "7.3.2"
      },
      {
        "status": "affected",
        "version": "7.3.3"
      },
      {
        "status": "affected",
        "version": "7.3.5"
      },
      {
        "status": "affected",
        "version": "7.4.1"
      },
      {
        "status": "affected",
        "version": "7.4.2"
      },
      {
        "status": "affected",
        "version": "6.8.1"
      },
      {
        "status": "affected",
        "version": "6.8.2"
      },
      {
        "status": "affected",
        "version": "7.5.1"
      },
      {
        "status": "affected",
        "version": "7.5.3"
      },
      {
        "status": "affected",
        "version": "7.5.2"
      },
      {
        "status": "affected",
        "version": "7.5.4"
      },
      {
        "status": "affected",
        "version": "7.5.5"
      },
      {
        "status": "affected",
        "version": "7.6.1"
      },
      {
        "status": "affected",
        "version": "7.6.2"
      },
      {
        "status": "affected",
        "version": "7.7.1"
      },
      {
        "status": "affected",
        "version": "7.7.2"
      },
      {
        "status": "affected",
        "version": "6.9.1"
      },
      {
        "status": "affected",
        "version": "6.9.2"
      },
      {
        "status": "affected",
        "version": "7.8.1"
      },
      {
        "status": "affected",
        "version": "7.8.2"
      },
      {
        "status": "affected",
        "version": "7.9.1"
      }
    ]
  }
]