Cisco IOS XR
cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*, +3 more
- >= 7.9.21, < 7.9.22
- >= 7.10.2, < 7.10.3
- >= 7.11, < 7.12
- >= 24.1, < 24.2
- >= 24.3, < 24.4
A denial-of-service vulnerability has been identified in the Layer 3 multicast feature of Cisco IOS XR Software. This issue affects Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers. The vulnerability arises from improper handling of malformed IPv4 multicast packets on line cards with an applied IPv4 access control list or QoS policy. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted IPv4 multicast packets, causing the line card to reset and disrupt traffic while it reloads.
Exploitation of this vulnerability leads to a line card reset, causing a denial-of-service condition by interrupting traffic processing on the affected line card until it reloads.
The vulnerability can be reproduced by applying an IPv4 access control list or QoS policy to an interface on a vulnerable line card of the affected routers, and then sending malformed IPv4 multicast packets through the device.
Cisco has released software updates that address this vulnerability. Customers with service contracts should obtain these updates through their usual channels. For line cards on ASR 9000 Series routers, verify the type of line card installed and check the device's configuration for applied IPv4 ACLs or QoS policies. For ASR 9902 and 9903 Compact High-Performance Routers, the integrated line card is Lightspeed-Plus-based, which is vulnerable under the described conditions.
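The version and configuration checks described above can be scripted for a first-pass triage. The following is an added example, not Cisco's or this page's code: it tests a release string against the affected ranges listed on this page and scans saved running-config text for interfaces with an IPv4 ACL or QoS policy applied. The function names and sample configuration are constructed for illustration, and line card type still has to be verified separately.

```python
import re

# Affected release ranges as listed on this page: (inclusive low, exclusive high).
AFFECTED = [("7.9.21", "7.9.22"), ("7.10.2", "7.10.3"), ("7.11", "7.12"),
            ("24.1", "24.2"), ("24.3", "24.4")]

IFACE = re.compile(r"^interface\s+(?:preconfigure\s+)?(\S+)")
ACL = re.compile(r"^\s+ipv4 access-group\s+\S+")
QOS = re.compile(r"^\s+service-policy\s+(?:input|output)\s+\S+")

def _key(version):
    # "7.10.2" -> (7, 10, 2, 0): numeric tuple padded to four fields for comparison.
    parts = [int(p) for p in re.findall(r"\d+", version)][:4]
    return tuple(parts + [0] * (4 - len(parts)))

def version_affected(version):
    v = _key(version)
    return any(_key(lo) <= v < _key(hi) for lo, hi in AFFECTED)

def exposed_interfaces(config):
    """Map interface name -> IPv4 ACL / QoS policy statements applied to it."""
    found, current = {}, None
    for line in config.splitlines():
        m = IFACE.match(line)
        if m:
            current = m.group(1)
        elif not line.startswith(" "):
            current = None          # "!" or a new top-level stanza ends the block
        elif current and (ACL.match(line) or QOS.match(line)):
            found.setdefault(current, []).append(line.strip())
    return found

def triage(version, config):
    hits = exposed_interfaces(config)
    in_range = version_affected(version)
    # Line card type is NOT checked here; confirm it on the device.
    return {"version_in_affected_range": in_range,
            "interfaces_with_acl_or_qos": hits,
            "needs_review": in_range and bool(hits)}

# Constructed sample configuration (documentation addresses, made-up policy names).
SAMPLE_CONFIG = """\
interface TenGigE0/0/0/0
 ipv4 address 192.0.2.1 255.255.255.252
 ipv4 access-group EDGE-IN ingress
!
interface TenGigE0/0/0/1
 service-policy input CORE-QOS
!
interface TenGigE0/0/0/2
 ipv4 address 198.51.100.1 255.255.255.252
!
"""
```

A `needs_review` result of `True` only means the release and configuration conditions described here are both met; whether the line card is a vulnerable type must be confirmed on the device.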