posted by Fnord666 on Friday November 13 2020, @04:16AM
from the another-day-another-exploit dept.

Arthur T Knackerbracket has found the following story:

A high-severity flaw in Cisco’s IOS XR software could allow unauthenticated, remote attackers to cripple Cisco Aggregation Services Routers (ASR).

The flaw stems from Cisco IOS XR, a train of Cisco Systems’ widely deployed Internetworking Operating System (IOS). The OS powers the Cisco ASR 9000 series, which are fully distributed routers engineered to address massive surges in video traffic.

“A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS [denial-of-service] condition,” according to a Tuesday security advisory by Cisco.

The flaw (CVE-2020-26070), which ranks 8.6 out of 10 on the CVSS scale, stems from an issue with the ingress packet processing function of Cisco IOS XR software. Ingress packet processing is a technique used to sort through incoming packets from different networks.

The vulnerability is due to improper resource allocation when an affected device processes network traffic. An attacker could exploit the flaw by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device, ultimately exhausting its buffer resources and crashing the device.


  • (Score: 3, Funny) by Runaway1956 on Friday November 13 2020, @05:32AM (1 child)

    I'm sorry, but shouldn't titles of articles be both meaningful, and relevant? So, my router is immobilized? Huh - I would imagine that was a "good thing". Hey, I don't want to chase my router around the house, or across the yard, or down the road! I really expect it to remain immobile, on the shelf beside the desk in the living room. And, real IT guys don't want to chase their routers around an office building, or a production plant, or whatever.

    The story is better than the title, gotta give the author that much credit.

    A high-severity flaw in Cisco’s IOS XR software could allow unauthenticated, remote attackers to cripple Cisco Aggregation Services Routers (ASR).

    Yeah, I can understand a router being disabled. I certainly do NOT understand how an immobile router can be a "bad thing". I probably need to blame the stupid title on an editor.

    --
    “I have become friends with many school shooters” - Tampon Tim Walz
    • (Score: 0) by Anonymous Coward on Friday November 13 2020, @07:39PM

      Not if your router has a moving satellite dish attached.

      https://www.youtube.com/watch?v=99HRpgkzdQo

      What are these things called anyways? My grandma used to have one in her back yard back in the days.
