CVE-2024-20434: Integer Overflow
First published: Wed Sep 25 2024(Updated: )
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be accessible through the console or CLI, and it would not respond to ping requests, SNMP requests, or requests from other control plane protocols. Traffic that is traversing the device through the data plane is not affected. A reload of the device is required to restore control plane services.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS XE | =16.6.1 | |
| Cisco IOS XE | =16.6.2 | |
| Cisco IOS XE | =16.6.3 | |
| Cisco IOS XE | =16.6.4 | |
| Cisco IOS XE | =16.6.4a | |
| Cisco IOS XE | =16.6.5 | |
| Cisco IOS XE | =16.6.6 | |
| Cisco IOS XE | =16.6.7 | |
| Cisco IOS XE | =16.6.8 | |
| Cisco IOS XE | =16.6.9 | |
| Cisco IOS XE | =16.6.10 | |
| Cisco IOS XE | =16.7.1 | |
| Cisco IOS XE | =16.8.1 | |
| Cisco IOS XE | =16.8.1a | |
| Cisco IOS XE | =16.8.1s | |
| Cisco IOS XE | =16.9.1 | |
| Cisco IOS XE | =16.9.1s | |
| Cisco IOS XE | =16.9.2 | |
| Cisco IOS XE | =16.9.3 | |
| Cisco IOS XE | =16.9.4 | |
| Cisco IOS XE | =16.9.5 | |
| Cisco IOS XE | =16.9.6 | |
| Cisco IOS XE | =16.9.7 | |
| Cisco IOS XE | =16.9.8 | |
| Cisco IOS XE | =16.10.1 | |
| Cisco IOS XE | =16.10.1e | |
| Cisco IOS XE | =16.10.1s | |
| Cisco IOS XE | =16.11.1 | |
| Cisco IOS XE | =16.11.1b | |
| Cisco IOS XE | =16.11.1s | |
| Cisco IOS XE | =16.12.1 | |
| Cisco IOS XE | =16.12.1c | |
| Cisco IOS XE | =16.12.1s | |
| Cisco IOS XE | =16.12.2 | |
| Cisco IOS XE | =16.12.2s | |
| Cisco IOS XE | =16.12.3 | |
| Cisco IOS XE | =16.12.3a | |
| Cisco IOS XE | =16.12.3s | |
| Cisco IOS XE | =16.12.4 | |
| Cisco IOS XE | =16.12.4a | |
| Cisco IOS XE | =16.12.5 | |
| Cisco IOS XE | =16.12.5b | |
| Cisco IOS XE | =16.12.6 | |
| Cisco IOS XE | =16.12.6a | |
| Cisco IOS XE | =16.12.7 | |
| Cisco IOS XE | =16.12.8 | |
| Cisco IOS XE | =17.1.1 | |
| Cisco IOS XE | =17.1.1s | |
| Cisco IOS XE | =17.1.1t | |
| Cisco IOS XE | =17.1.3 | |
| Cisco IOS XE | =17.2.1 | |
| Cisco IOS XE | =17.2.1a | |
| Cisco IOS XE | =17.3.1 | |
| Cisco IOS XE | =17.3.2 | |
| Cisco IOS XE | =17.3.2a | |
| Cisco IOS XE | =17.3.3 | |
| Cisco IOS XE | =17.3.4 | |
| Cisco IOS XE | =17.3.4b | |
| Cisco IOS XE | =17.3.5 | |
| Cisco IOS XE | =17.3.6 | |
| Cisco IOS XE | =17.3.7 | |
| Cisco IOS XE | =17.3.8 | |
| Cisco IOS XE | =17.3.8a | |
| Cisco IOS XE | =17.4.1 | |
| Cisco IOS XE | =17.5.1 | |
| Cisco IOS XE | =17.6.1 | |
| Cisco IOS XE | =17.6.2 | |
| Cisco IOS XE | =17.6.3 | |
| Cisco IOS XE | =17.6.4 | |
| Cisco IOS XE | =17.6.5 | |
| Cisco IOS XE | =17.6.5a | |
| Cisco IOS XE | =17.6.6 | |
| Cisco IOS XE | =17.6.6a | |
| Cisco IOS XE | =17.6.7 | |
| Cisco IOS XE | =17.7.1 | |
| Cisco IOS XE | =17.8.1 | |
| Cisco IOS XE | =17.9.1 | |
| Cisco IOS XE | =17.9.2 | |
| Cisco IOS XE | =17.9.3 | |
| Cisco IOS XE | =17.9.4 | |
| Cisco IOS XE | =17.9.4a | |
| Cisco IOS XE | =17.9.5 | |
| Cisco IOS XE | =17.10.1 | |
| Cisco IOS XE | =17.10.1b | |
| Cisco IOS XE | =17.11.1 | |
| Cisco IOS XE | =17.11.99sw | |
| Cisco IOS XE | =17.12.1 | |
| Cisco IOS XE | =17.12.2 | |
| Cisco IOS XE | =17.12.3 | |
| Cisco IOS XE | =17.13.1 | |
| Cisco IOS XE | =17.14.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-20434?
CVE-2024-20434 has been classified as a high severity vulnerability due to its potential to cause a denial of service condition on affected devices.
How do I fix CVE-2024-20434?
To address CVE-2024-20434, users should upgrade their Cisco IOS XE Software to a patched version that resolves the vulnerability.
Which versions of Cisco IOS XE are affected by CVE-2024-20434?
CVE-2024-20434 affects multiple versions of Cisco IOS XE, including versions 16.6.1 through 17.14.1.
Can an attacker exploit CVE-2024-20434 remotely?
CVE-2024-20434 requires an unauthenticated, adjacent attacker to exploit the vulnerability, meaning remote exploitation is not possible.
What impact does CVE-2024-20434 have on affected devices?
Exploitation of CVE-2024-20434 can lead to a denial of service (DoS), affecting the control plane of the device.
- agent/references
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco ios xe
- version/cisco ios xe/16.6.1
- version/cisco ios xe/16.6.2
- version/cisco ios xe/16.6.3
- version/cisco ios xe/16.6.4
- version/cisco ios xe/16.6.4a
- version/cisco ios xe/16.6.5
- version/cisco ios xe/16.6.6
- version/cisco ios xe/16.6.7
- version/cisco ios xe/16.6.8
- version/cisco ios xe/16.6.9
- version/cisco ios xe/16.6.10
- version/cisco ios xe/16.7.1
- version/cisco ios xe/16.8.1
- version/cisco ios xe/16.8.1a
- version/cisco ios xe/16.8.1s
- version/cisco ios xe/16.9.1
- version/cisco ios xe/16.9.1s
- version/cisco ios xe/16.9.2
- version/cisco ios xe/16.9.3
- version/cisco ios xe/16.9.4
- version/cisco ios xe/16.9.5
- version/cisco ios xe/16.9.6
- version/cisco ios xe/16.9.7
- version/cisco ios xe/16.9.8
- version/cisco ios xe/16.10.1
- version/cisco ios xe/16.10.1e
- version/cisco ios xe/16.10.1s
- version/cisco ios xe/16.11.1
- version/cisco ios xe/16.11.1b
- version/cisco ios xe/16.11.1s
- version/cisco ios xe/16.12.1
- version/cisco ios xe/16.12.1c
- version/cisco ios xe/16.12.1s
- version/cisco ios xe/16.12.2
- version/cisco ios xe/16.12.2s
- version/cisco ios xe/16.12.3
- version/cisco ios xe/16.12.3a
- version/cisco ios xe/16.12.3s
- version/cisco ios xe/16.12.4
- version/cisco ios xe/16.12.4a
- version/cisco ios xe/16.12.5
- version/cisco ios xe/16.12.5b
- version/cisco ios xe/16.12.6
- version/cisco ios xe/16.12.6a
- version/cisco ios xe/16.12.7
- version/cisco ios xe/16.12.8
- version/cisco ios xe/17.1.1
- version/cisco ios xe/17.1.1s
- version/cisco ios xe/17.1.1t
- version/cisco ios xe/17.1.3
- version/cisco ios xe/17.2.1
- version/cisco ios xe/17.2.1a
- version/cisco ios xe/17.3.1
- version/cisco ios xe/17.3.2
- version/cisco ios xe/17.3.2a
- version/cisco ios xe/17.3.3
- version/cisco ios xe/17.3.4
- version/cisco ios xe/17.3.4b
- version/cisco ios xe/17.3.5
- version/cisco ios xe/17.3.6
- version/cisco ios xe/17.3.7
- version/cisco ios xe/17.3.8
- version/cisco ios xe/17.3.8a
- version/cisco ios xe/17.4.1
- version/cisco ios xe/17.5.1
- version/cisco ios xe/17.6.1
- version/cisco ios xe/17.6.2
- version/cisco ios xe/17.6.3
- version/cisco ios xe/17.6.4
- version/cisco ios xe/17.6.5
- version/cisco ios xe/17.6.5a
- version/cisco ios xe/17.6.6
- version/cisco ios xe/17.6.6a
- version/cisco ios xe/17.6.7
- version/cisco ios xe/17.7.1
- version/cisco ios xe/17.8.1
- version/cisco ios xe/17.9.1
- version/cisco ios xe/17.9.2
- version/cisco ios xe/17.9.3
- version/cisco ios xe/17.9.4
- version/cisco ios xe/17.9.4a
- version/cisco ios xe/17.9.5
- version/cisco ios xe/17.10.1
- version/cisco ios xe/17.10.1b
- version/cisco ios xe/17.11.1
- version/cisco ios xe/17.11.99sw
- version/cisco ios xe/17.12.1
- version/cisco ios xe/17.12.2
- version/cisco ios xe/17.12.3
- version/cisco ios xe/17.13.1
- version/cisco ios xe/17.14.1