CVE-2013-3464: Buffer Overflow
First published: Tue Aug 13 2013(Updated: )
Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling, and device reload) by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XRv 9000 | =2.0\(.0\) | |
| Cisco IOS XRv 9000 | =3.0\(.0\) | |
| Cisco IOS XRv 9000 | =3.0\(.1\) | |
| Cisco IOS XRv 9000 | =3.2\(.0\) | |
| Cisco IOS XRv 9000 | =3.2\(.1\) | |
| Cisco IOS XRv 9000 | =3.2\(.2\) | |
| Cisco IOS XRv 9000 | =3.2\(.3\) | |
| Cisco IOS XRv 9000 | =3.2\(.4\) | |
| Cisco IOS XRv 9000 | =3.2\(.6\) | |
| Cisco IOS XRv 9000 | =3.2\(.50\) | |
| Cisco IOS XRv 9000 | =3.3\(.0\) | |
| Cisco IOS XRv 9000 | =3.3\(.1\) | |
| Cisco IOS XRv 9000 | =3.3\(.2\) | |
| Cisco IOS XRv 9000 | =3.3\(.3\) | |
| Cisco IOS XRv 9000 | =3.3\(.4\) | |
| Cisco IOS XRv 9000 | =3.4\(.0\) | |
| Cisco IOS XRv 9000 | =3.4\(.1\) | |
| Cisco IOS XRv 9000 | =3.4\(.2\) | |
| Cisco IOS XRv 9000 | =3.4\(.3\) | |
| Cisco IOS XRv 9000 | =3.5\(.0\) | |
| Cisco IOS XRv 9000 | =3.5\(.1\) | |
| Cisco IOS XRv 9000 | =3.5\(.2\) | |
| Cisco IOS XRv 9000 | =3.5\(.3\) | |
| Cisco IOS XRv 9000 | =3.5\(.4\) | |
| Cisco IOS XRv 9000 | =3.6\(.1\) | |
| Cisco IOS XRv 9000 | =3.6\(.2\) | |
| Cisco IOS XRv 9000 | =3.6\(.3\) | |
| Cisco IOS XRv 9000 | =3.6_base | |
| Cisco IOS XRv 9000 | =3.7\(.1\) | |
| Cisco IOS XRv 9000 | =3.7\(.2\) | |
| Cisco IOS XRv 9000 | =3.7\(.3\) | |
| Cisco IOS XRv 9000 | =3.7_base | |
| Cisco IOS XRv 9000 | =3.8\(.0\) | |
| Cisco IOS XRv 9000 | =3.8\(.1\) | |
| Cisco IOS XRv 9000 | =3.8\(.2\) | |
| Cisco IOS XRv 9000 | =3.8\(.3\) | |
| Cisco IOS XRv 9000 | =3.8\(.4\) | |
| Cisco IOS XRv 9000 | =3.9\(.0\) | |
| Cisco IOS XRv 9000 | =3.9\(.1\) | |
| Cisco IOS XRv 9000 | =3.9\(.2\) | |
| Cisco IOS XRv 9000 | =4.0\(.0\) | |
| Cisco IOS XRv 9000 | =4.0\(.1\) | |
| Cisco IOS XRv 9000 | =4.0\(.2\) | |
| Cisco IOS XRv 9000 | =4.0\(.3\) | |
| Cisco IOS XRv 9000 | =4.0\(.4\) | |
| Cisco IOS XRv 9000 | =4.0\(.11\) | |
| Cisco IOS XRv 9000 | =4.0_base | |
| Cisco IOS XRv 9000 | =4.1\(.0\) | |
| Cisco IOS XRv 9000 | =4.1\(.1\) | |
| Cisco IOS XRv 9000 | =4.1\(.2\) | |
| Cisco IOS XRv 9000 | =4.1_base | |
| Cisco IOS XRv 9000 | =4.2\(.0\) | |
| Cisco IOS XRv 9000 | =4.2\(.1\) | |
| Cisco IOS XRv 9000 | =4.2\(.2\) | |
| Cisco IOS XRv 9000 | =4.2\(.3\) | |
| Cisco IOS XRv 9000 | =4.2\(.4\) | |
| Cisco IOS XRv 9000 | =4.3\(.0\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-3464?
CVE-2013-3464 is categorized as a denial of service vulnerability with the potential to disrupt device operations.
How do I fix CVE-2013-3464?
To remediate CVE-2013-3464, ensure that your Cisco IOS XR software is updated to the latest version that patches this vulnerability.
Who is affected by CVE-2013-3464?
CVE-2013-3464 affects local users on Cisco IOS XR versions ranging from 2.0 to 4.3.
What types of attacks can CVE-2013-3464 facilitate?
CVE-2013-3464 can facilitate denial of service attacks through outboard flooding of large ICMP Echo Request packets.
Can CVE-2013-3464 cause permanent damage?
CVE-2013-3464 may lead to memory corruption and device reload, but it does not affect the permanent integrity of the device.
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco ios xrv 9000
- version/cisco ios xrv 9000/2.0\(.0\)
- version/cisco ios xrv 9000/3.0\(.0\)
- version/cisco ios xrv 9000/3.0\(.1\)
- version/cisco ios xrv 9000/3.2\(.0\)
- version/cisco ios xrv 9000/3.2\(.1\)
- version/cisco ios xrv 9000/3.2\(.2\)
- version/cisco ios xrv 9000/3.2\(.3\)
- version/cisco ios xrv 9000/3.2\(.4\)
- version/cisco ios xrv 9000/3.2\(.6\)
- version/cisco ios xrv 9000/3.2\(.50\)
- version/cisco ios xrv 9000/3.3\(.0\)
- version/cisco ios xrv 9000/3.3\(.1\)
- version/cisco ios xrv 9000/3.3\(.2\)
- version/cisco ios xrv 9000/3.3\(.3\)
- version/cisco ios xrv 9000/3.3\(.4\)
- version/cisco ios xrv 9000/3.4\(.0\)
- version/cisco ios xrv 9000/3.4\(.1\)
- version/cisco ios xrv 9000/3.4\(.2\)
- version/cisco ios xrv 9000/3.4\(.3\)
- version/cisco ios xrv 9000/3.5\(.0\)
- version/cisco ios xrv 9000/3.5\(.1\)
- version/cisco ios xrv 9000/3.5\(.2\)
- version/cisco ios xrv 9000/3.5\(.3\)
- version/cisco ios xrv 9000/3.5\(.4\)
- version/cisco ios xrv 9000/3.6\(.1\)
- version/cisco ios xrv 9000/3.6\(.2\)
- version/cisco ios xrv 9000/3.6\(.3\)
- version/cisco ios xrv 9000/3.6_base
- version/cisco ios xrv 9000/3.7\(.1\)
- version/cisco ios xrv 9000/3.7\(.2\)
- version/cisco ios xrv 9000/3.7\(.3\)
- version/cisco ios xrv 9000/3.7_base
- version/cisco ios xrv 9000/3.8\(.0\)
- version/cisco ios xrv 9000/3.8\(.1\)
- version/cisco ios xrv 9000/3.8\(.2\)
- version/cisco ios xrv 9000/3.8\(.3\)
- version/cisco ios xrv 9000/3.8\(.4\)
- version/cisco ios xrv 9000/3.9\(.0\)
- version/cisco ios xrv 9000/3.9\(.1\)
- version/cisco ios xrv 9000/3.9\(.2\)
- version/cisco ios xrv 9000/4.0\(.0\)
- version/cisco ios xrv 9000/4.0\(.1\)
- version/cisco ios xrv 9000/4.0\(.2\)
- version/cisco ios xrv 9000/4.0\(.3\)
- version/cisco ios xrv 9000/4.0\(.4\)
- version/cisco ios xrv 9000/4.0\(.11\)
- version/cisco ios xrv 9000/4.0_base
- version/cisco ios xrv 9000/4.1\(.0\)
- version/cisco ios xrv 9000/4.1\(.1\)
- version/cisco ios xrv 9000/4.1\(.2\)
- version/cisco ios xrv 9000/4.1_base
- version/cisco ios xrv 9000/4.2\(.0\)
- version/cisco ios xrv 9000/4.2\(.1\)
- version/cisco ios xrv 9000/4.2\(.2\)
- version/cisco ios xrv 9000/4.2\(.3\)
- version/cisco ios xrv 9000/4.2\(.4\)
- version/cisco ios xrv 9000/4.3\(.0\)