Network Security, Patch/Configuration Management, Vulnerability Management

Cisco update eliminates DoS vulnerability in Aggregation Services Router operating system

Cisco Systems on Wednesday issued a security update that fixes a high-severity denial of service vulnerability in release version 5.3.4 of its IOS XR Software for the Aggregation Services Router (ASR) 9000 Series.

The bug, designated CVE-2018-0136, specifically resides in the operating system's IPv6 subsystem, which was mishandling packets with a fragment header. Routers are affected if they are running version 5.3.4 of the software and have IPv6-configured Trident-based (Ethernet) line cards installed.

"An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card," Cisco explained in a security advisory. "A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart."

Cisco made its fix available via a software maintenance upgrade, and also incorporated the patch into service pack 7 for Cisco IOS XR Software Release 5.3.4.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.