CVE-2025-20141
Published: 12 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CVE-2025-20141 is a vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2. It affects multiple Cisco IOS XR platforms and stems from incorrect processing of these packets by the Linux stack on the route processor. The issue has a CVSS v3.1 base score of 7.4 (AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) and is associated with CWE-770 (Allocation of Resources Without Limits or Throttling).
An unauthenticated, adjacent attacker could exploit this vulnerability by sending traffic that requires handling by the Linux stack on the route processor of an affected device. Successful exploitation would cause control plane traffic to stop working across the device, resulting in a denial-of-service (DoS) condition.
The Cisco security advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY provides details on this vulnerability, including affected versions and recommended mitigation steps. Additional context appears in the APNIC blog post at https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability in packet processing leads to resource exhaustion (CWE-770) enabling DoS on control plane via exploitation of the system.