
====================================================================

                                 CERT-Renater

                      Note d'Information No. 2016/VULN157
_____________________________________________________________________

DATE                : 13/04/2016

HARDWARE PLATFORM(S): Cisco ASR 9000 Series.

OPERATING SYSTEM(S): Cisco IOS XR Software versions 4.2.3, 4.3.0,
                                     4.3.4, 5.3.1.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr
_____________________________________________________________________

Cisco Security Advisory

Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers
Interface Flap Vulnerability

Medium

Advisory ID: cisco-sa-20160412-asr

Published: 2016 April 12 07:00 GMT

Version 1.0: Final

CVSS Score:

Base - 4.3

Workarounds:

No workarounds available

Cisco Bug IDs:

CSCuv78548

CVE-2016-1376

CWE-20


Summary

A vulnerability in packet processing functions of Cisco IOS XR Software
running on Cisco ASR 9000 Series Aggregation Services Routers could
allow an unauthenticated, remote attacker to cause cyclic redundancy
check (CRC) and symbol errors on the receiving interface of an affected
device, which may lead to an interface flap.

The vulnerability is due to improper processing of packets that contain
certain crafted bit patterns. An attacker could exploit this
vulnerability by sending crafted packets to be processed by a line card
of an affected device.
A successful exploit could allow the attacker to cause CRC and symbol
errors on the receiving interface of the device, which may lead to an
interface flap.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr


Affected Products

Vulnerable Products

Cisco IOS XR Software Releases 4.2.3, 4.3.0, 4.3.4, and 5.3.1 running
on Cisco ASR 9000 Series Aggregation Services Routers are affected by
this vulnerability.

Products Confirmed Not Vulnerable

No other Cisco products are currently known to be affected by this
vulnerability.


Workarounds

There are no workarounds that address this vulnerability.


Fixed Software

Information about fixed software is documented in the Cisco bug, which
is accessible through the Cisco Bug Search Tool.

When considering software upgrades, customers are advised to consult
the Cisco Security Advisories and Responses archive at
http://www.cisco.com/go/psirt and review subsequent advisories to
determine exposure and a complete upgrade solution.

In all cases, customers should ensure that the devices to upgrade
contain sufficient memory and confirm that current hardware and
software configurations will continue to be supported properly by the
new release. If the information is not clear, customers are advised to
contact the Cisco Technical Assistance Center (TAC) or their contracted
maintenance providers.

Exploitation and Public Announcements

The Cisco Product Security Incident Response Team (PSIRT) is not aware
of any public announcements or malicious use of the vulnerability that
is described in this advisory.

URL

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr


Revision History

Version     Description     Section     Status 	   Date

1.0 	Initial public release. 	Final 		2016-April-12


Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY
KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE
INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT
YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS
DOCUMENT AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits
the distribution URL is an uncontrolled copy and may lack important
information or contain factual errors. The information in this document
is intended for end users of Cisco products.

==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================