Cisco IOS XR Denial-of-Service Vulnerability

Original release date: June 11, 2015

Cisco has identified a vulnerability that could allow an unauthenticated remote attacker to cause a denial-of-service condition. The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. A Cisco Carrier Routing System 3 (CRS-3) running a version of Cisco IOS XR software prior to 4.2.1 is affected by this vulnerability.

Users and administrators are encouraged to review the Cisco Security Advisory and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Leave a Reply