Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability
Summary
A vulnerability in the handling of an Egress Packet Network Interface (EPNI) Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an unauthenticated, remote attacker to cause the network processing unit (NPU) and ASIC to stop processing, preventing traffic from traversing the interface. This vulnerability is due to the corruption of packets in specific cases when an EPNI Aligner interrupt is triggered while an affected device is experien…
- Scope: This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco IOS XR Software, regardless of the device configuration:
- Release 7.8.2 and earlier (first fixed: Not affected)
- 7.9 — Migrate to a fixed release or apply SMU
- 7.10 — Migrate to a fixed release or apply SMU
- 7.11 — Migrate to a fixed release or apply SMU
- 24.1 — Migrate to a fixed release or apply SMU
- 24.2 — Migrate to a fixed release or apply SMU
- 24.3 — Migrate to a fixed release or apply SMU
- 24.4 — Migrate to a fixed release or apply SMU
- 25.1 — Migrate to a fixed release or apply SMU
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
- Not affected
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Mitigation checklist
- Upgrade to the first fixed release for your train per the Fixed Releases table in this advisory.
- Release 7.8.2 and earlier: upgrade to Not affected.
- Release 7.9: migrate to a fixed release or apply SMU.
- Release 7.10: migrate to a fixed release or apply SMU.
- Release 7.11: migrate to a fixed release or apply SMU.
- Release 24.1: migrate to a fixed release or apply SMU.
- Release 24.2: migrate to a fixed release or apply SMU.
- Release 24.3: migrate to a fixed release or apply SMU.
- Release 24.4: migrate to a fixed release or apply SMU.
- There are no workarounds that address this vulnerability.
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.