Cisco IOS XR Software Multicast Source Discovery Protocol Session Denial of Service Vulnerability

A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. The MSDP session will restart within a few seconds.

The vulnerability is due to incorrect error handling of an MSDP packet that contains an error in the packet header. An attacker could exploit this vulnerability by sending a malformed MSDP packet for an established MSDP session to the targeted device. An exploit could allow the attacker to cause a short DoS condition if the MSDP session restarts.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2uqbpxu A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the MSDP session to be unexpectedly reset, causing a short denial of service (DoS) condition. The MSDP session will restart within a few seconds.

The vulnerability is due to incorrect error handling of an MSDP packet that contains an error in the packet header. An attacker could exploit this vulnerability by sending a malformed MSDP packet for an established MSDP session to the targeted device. An exploit could allow the attacker to cause a short DoS condition if the MSDP session restarts.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2uqbpxu
Security Impact Rating: Medium
CVE: CVE-2017-6731

from Cisco Security Advisory http://ift.tt/2uqbpxu