CVE-2023-20027

Published: Mar 23, 2023Modified: Nov 21, 2024

8.6

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 4.0

Source: NVD

Description

A vulnerability in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper reassembly of large packets that occurs when VFR is enabled on either a tunnel interface or on a physical interface that is configured with a maximum transmission unit (MTU) greater than 4,615 bytes. An attacker could exploit this vulnerability by sending fragmented packets through a VFR-enabled interface on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Affected (190)

Products: Cisco: Ios Xe

Cisco

1 product

Ios Xe

Configuration A

190 vulnerable · 34 platform

Vulnerable Software	Affected Versions
Cisco Ios Xe	Version 16.10.1
Cisco Ios Xe	Version 16.10.1a
Cisco Ios Xe	Version 16.10.1b
Cisco Ios Xe	Version 16.10.1e
Cisco Ios Xe	Version 16.10.1s
Cisco Ios Xe	Version 16.10.2
Cisco Ios Xe	Version 16.10.3
Cisco Ios Xe	Version 16.11.1
Cisco Ios Xe	Version 16.11.1a
Cisco Ios Xe	Version 16.11.1c
Cisco Ios Xe	Version 16.11.1s
Cisco Ios Xe	Version 16.11.2
Cisco Ios Xe	Version 16.12.1
Cisco Ios Xe	Version 16.12.1a
Cisco Ios Xe	Version 16.12.1c
Cisco Ios Xe	Version 16.12.1s
Cisco Ios Xe	Version 16.12.2
Cisco Ios Xe	Version 16.12.2s
Cisco Ios Xe	Version 16.12.2t
Cisco Ios Xe	Version 16.12.3
Cisco Ios Xe	Version 16.12.3s
Cisco Ios Xe	Version 16.12.4
Cisco Ios Xe	Version 16.12.5
Cisco Ios Xe	Version 16.12.6
Cisco Ios Xe	Version 16.12.7
Cisco Ios Xe	Version 16.12.8
Cisco Ios Xe	Version 16.2.1
Cisco Ios Xe	Version 16.2.2
Cisco Ios Xe	Version 16.3.10
Cisco Ios Xe	Version 16.3.11
Cisco Ios Xe	Version 16.3.1
Cisco Ios Xe	Version 16.3.1a
Cisco Ios Xe	Version 16.3.2
Cisco Ios Xe	Version 16.3.3
Cisco Ios Xe	Version 16.3.4
Cisco Ios Xe	Version 16.3.5
Cisco Ios Xe	Version 16.3.6
Cisco Ios Xe	Version 16.3.7
Cisco Ios Xe	Version 16.3.8
Cisco Ios Xe	Version 16.3.9
Cisco Ios Xe	Version 16.4.1
Cisco Ios Xe	Version 16.4.2
Cisco Ios Xe	Version 16.4.3
Cisco Ios Xe	Version 16.5.1
Cisco Ios Xe	Version 16.5.1b
Cisco Ios Xe	Version 16.5.2
Cisco Ios Xe	Version 16.5.3
Cisco Ios Xe	Version 16.6.10
Cisco Ios Xe	Version 16.6.1
Cisco Ios Xe	Version 16.6.2
Cisco Ios Xe	Version 16.6.3
Cisco Ios Xe	Version 16.6.4
Cisco Ios Xe	Version 16.6.4s
Cisco Ios Xe	Version 16.6.5
Cisco Ios Xe	Version 16.6.6
Cisco Ios Xe	Version 16.6.7
Cisco Ios Xe	Version 16.6.8
Cisco Ios Xe	Version 16.6.9
Cisco Ios Xe	Version 16.7.1
Cisco Ios Xe	Version 16.7.2
Cisco Ios Xe	Version 16.7.3
Cisco Ios Xe	Version 16.8.1
Cisco Ios Xe	Version 16.8.1s
Cisco Ios Xe	Version 16.8.2
Cisco Ios Xe	Version 16.8.3
Cisco Ios Xe	Version 16.9.1
Cisco Ios Xe	Version 16.9.1s
Cisco Ios Xe	Version 16.9.2
Cisco Ios Xe	Version 16.9.2s
Cisco Ios Xe	Version 16.9.3
Cisco Ios Xe	Version 16.9.3s
Cisco Ios Xe	Version 16.9.4
Cisco Ios Xe	Version 16.9.5
Cisco Ios Xe	Version 16.9.6
Cisco Ios Xe	Version 16.9.7
Cisco Ios Xe	Version 16.9.8
Cisco Ios Xe	Version 16.9.8a
Cisco Ios Xe	Version 16.9.8c
Cisco Ios Xe	Version 17.1.1
Cisco Ios Xe	Version 17.1.1s
Cisco Ios Xe	Version 17.1.1t
Cisco Ios Xe	Version 17.1.2
Cisco Ios Xe	Version 17.1.3
Cisco Ios Xe	Version 17.2.1
Cisco Ios Xe	Version 17.2.1r
Cisco Ios Xe	Version 17.2.1v
Cisco Ios Xe	Version 17.2.2
Cisco Ios Xe	Version 17.2.3
Cisco Ios Xe	Version 17.3.1
Cisco Ios Xe	Version 17.3.1a
Cisco Ios Xe	Version 17.3.2
Cisco Ios Xe	Version 17.3.3
Cisco Ios Xe	Version 17.3.4
Cisco Ios Xe	Version 17.3.4a
Cisco Ios Xe	Version 17.3.5
Cisco Ios Xe	Version 17.4.1
Cisco Ios Xe	Version 17.4.1a
Cisco Ios Xe	Version 17.4.1b
Cisco Ios Xe	Version 17.4.2
Cisco Ios Xe	Version 17.5.1
Cisco Ios Xe	Version 17.5.1a
Cisco Ios Xe	Version 17.6.1
Cisco Ios Xe	Version 17.6.1a
Cisco Ios Xe	Version 17.6.2
Cisco Ios Xe	Version 17.6.3
Cisco Ios Xe	Version 17.6.3a
Cisco Ios Xe	Version 17.7.1
Cisco Ios Xe	Version 17.7.1a
Cisco Ios Xe	Version 17.7.2
Cisco Ios Xe	Version 17.8.1
Cisco Ios Xe	Version 17.8.1a
Cisco Ios Xe	Version 3.10.0s
Cisco Ios Xe	Version 3.10.10s
Cisco Ios Xe	Version 3.10.1s
Cisco Ios Xe	Version 3.10.2as
Cisco Ios Xe	Version 3.10.2s
Cisco Ios Xe	Version 3.10.2ts
Cisco Ios Xe	Version 3.10.3s
Cisco Ios Xe	Version 3.10.4s
Cisco Ios Xe	Version 3.10.5s
Cisco Ios Xe	Version 3.10.6s
Cisco Ios Xe	Version 3.10.7s
Cisco Ios Xe	Version 3.10.8as
Cisco Ios Xe	Version 3.10.8s
Cisco Ios Xe	Version 3.10.9s
Cisco Ios Xe	Version 3.11.0s
Cisco Ios Xe	Version 3.11.1s
Cisco Ios Xe	Version 3.11.2s
Cisco Ios Xe	Version 3.11.3s
Cisco Ios Xe	Version 3.11.4s
Cisco Ios Xe	Version 3.12.0s
Cisco Ios Xe	Version 3.12.1s
Cisco Ios Xe	Version 3.12.2s
Cisco Ios Xe	Version 3.12.3s
Cisco Ios Xe	Version 3.12.4s
Cisco Ios Xe	Version 3.13.0s
Cisco Ios Xe	Version 3.13.10s
Cisco Ios Xe	Version 3.13.1s
Cisco Ios Xe	Version 3.13.2s
Cisco Ios Xe	Version 3.13.3s
Cisco Ios Xe	Version 3.13.4s
Cisco Ios Xe	Version 3.13.5s
Cisco Ios Xe	Version 3.13.6as
Cisco Ios Xe	Version 3.13.6s
Cisco Ios Xe	Version 3.13.7s
Cisco Ios Xe	Version 3.13.8s
Cisco Ios Xe	Version 3.13.9s
Cisco Ios Xe	Version 3.14.0s
Cisco Ios Xe	Version 3.14.1s
Cisco Ios Xe	Version 3.14.2s
Cisco Ios Xe	Version 3.14.3s
Cisco Ios Xe	Version 3.14.4s
Cisco Ios Xe	Version 3.15.0s
Cisco Ios Xe	Version 3.15.1cs
Cisco Ios Xe	Version 3.15.1s
Cisco Ios Xe	Version 3.15.2s
Cisco Ios Xe	Version 3.15.3s
Cisco Ios Xe	Version 3.15.4s
Cisco Ios Xe	Version 3.16.0cs
Cisco Ios Xe	Version 3.16.0s
Cisco Ios Xe	Version 3.16.10s
Cisco Ios Xe	Version 3.16.1as
Cisco Ios Xe	Version 3.16.2s
Cisco Ios Xe	Version 3.16.3s
Cisco Ios Xe	Version 3.16.4as
Cisco Ios Xe	Version 3.16.4bs
Cisco Ios Xe	Version 3.16.4cs
Cisco Ios Xe	Version 3.16.4ds
Cisco Ios Xe	Version 3.16.4es
Cisco Ios Xe	Version 3.16.4gs
Cisco Ios Xe	Version 3.16.5as
Cisco Ios Xe	Version 3.16.5bs
Cisco Ios Xe	Version 3.16.5s
Cisco Ios Xe	Version 3.16.6bs
Cisco Ios Xe	Version 3.16.6s
Cisco Ios Xe	Version 3.16.7as
Cisco Ios Xe	Version 3.16.7bs
Cisco Ios Xe	Version 3.16.7s
Cisco Ios Xe	Version 3.16.8s
Cisco Ios Xe	Version 3.16.9s
Cisco Ios Xe	Version 3.17.0s
Cisco Ios Xe	Version 3.17.1s
Cisco Ios Xe	Version 3.17.2s
Cisco Ios Xe	Version 3.17.3s
Cisco Ios Xe	Version 3.17.4s
Cisco Ios Xe	Version 3.18.0as
Cisco Ios Xe	Version 3.18.2asp
Cisco Ios Xe	Version 3.9.0as
Cisco Ios Xe	Version 3.9.1s
Cisco Ios Xe	Version 3.9.2s

Running on/with	Platform Versions
Cisco 1000 Integrated Services Router	All versions
Cisco 1100 4g/6g Integrated Services Router	All versions
Cisco 1100 4g Integrated Services Router	All versions
Cisco 1100 4p Integrated Services Router	All versions
Cisco 1100 6g Integrated Services Router	All versions
Cisco 1100 8p Integrated Services Router	All versions
Cisco 1100 Integrated Services Router	All versions
Cisco 1101 4p Integrated Services Router	All versions
Cisco 1101 Integrated Services Router	All versions
Cisco 1109 2p Integrated Services Router	All versions
Cisco 1109 4p Integrated Services Router	All versions
Cisco 1109 Integrated Services Router	All versions
Cisco 1111x 8p Integrated Services Router	All versions
Cisco 1111x Integrated Services Router	All versions
Cisco 111x Integrated Services Router	All versions
Cisco 1120 Integrated Services Router	All versions
Cisco 1131 Integrated Services Router	All versions
Cisco 1160 Integrated Services Router	All versions
Cisco 4221 Integrated Services Router	All versions
Cisco 4321 Integrated Services Router	All versions
Cisco 4331 Integrated Services Router	All versions
Cisco 4351 Integrated Services Router	All versions
Cisco 4431 Integrated Services Router	All versions
Cisco 4451 X Integrated Services Router	All versions
Cisco 4461 Integrated Services Router	All versions
Cisco C8200 1n 4t	All versions
Cisco C8200l 1n 4t	All versions
Cisco C8500l 8s4x	All versions
Cisco Catalyst 8000v Edge	All versions
Cisco Catalyst 8300 1n1s 4t2x	All versions
Cisco Catalyst 8300 1n1s 6t	All versions
Cisco Catalyst 8300 2n2s 4t2x	All versions
Cisco Catalyst 8300 2n2s 6t	All versions
Cisco Cloud Services Router 1000v	All versions

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (2)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4-vfr-dos-CXxtFacb

Source: psirt@cisco.com

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4-vfr-dos-CXxtFacb

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.