Resource Management Errors

CVE-2021-34713

High

7.4/10

Summary

A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.

Attack Complexity: LOW
Attack Vector: ADJACENT_NETWORK
Integrity Impact: NONE
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-399 - Resource Management Errors

Resource management errors is not a weakness in and of itself, rather it is a category of weaknesses related to improper management of system resources. If not addressed, the weaknesses in this category can lead to unexpected software behavior, loss of access, file modification, sensitive information disclosure, system crash, denial of service, and code execution.

References

Advisory Timeline

Published Sep 09, 2021

Resource Management Errors

CVE-2021-34713

Summary

CWE-399 - Resource Management Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS