CVE-2020-26070 | Cisco IOS XR¾Ü¾øЧÀÍÎó²îͨ¸æ

Ðû²¼Ê±¼ä 2020-11-11

0x00 Îó²î¸ÅÊö

CNVD   ID

CVE-2020-26070

ʱ      ¼ä

2020-11-11

Àà     ÐÍ

¾Ü¾øЧÀÍ

µÈ      ¼¶

¸ßΣ

Ô¶³ÌʹÓÃ

ÊÇ

Ó°Ïì¹æÄ£

Cisco IOS XR < 6.7.2µÄ Cisco ASR 9000ϵÁÐ

Cisco IOS XR < 7.1.2µÄCisco ASR 9000ϵÁÐ

 

0x01 Îó²îÏêÇé

 image.png


2020Äê11ÔÂ10ÈÕ£¬£¬£¬£¬£¬£¬ £¬CiscoÐû²¼Ç徲ͨ¸æ£¬£¬£¬£¬£¬£¬ £¬ÆäÊÊÓÃÓÚCisco ASR 9000ϵÁеÄCisco IOS XRϵͳµÄÊý¾Ý°ü´¦Öóͷ£¹¦Ð§Öб£´æÒ»¸ö¾Ü¾øЧÀÍÎó²î£¨CVE-2020-26070£©£¬£¬£¬£¬£¬£¬ £¬¸ÃÎó²îCVSSÆÀ·Ö8.6¡£¡£¡£

¸ÃÎó²îÊÇ×°±¸ÔÚswitching mode (punted)Ï´¦Öóͷ£ÍøÂçÁ÷Á¿Ê±×ÊÔ´·ÖÅɲ»µ±µ¼Öµġ£¡£¡£¹¥»÷Õß¿ÉÒÔͨ¹ý·¢ËͶñÒâµÄ2²ã»ò3²ãЭÒéÊý¾Ýµ¥Î»£¨PDU£©À´Ê¹ÓôËÎó²î¡£¡£¡£ÀÖ³ÉʹÓôËÎó²î½«Ê¹µÃ×°±¸»º³åÇø×ÊÔ´ºÄ¾¡£¬£¬£¬£¬£¬£¬ £¬×îÖÕµ¼Ö¾ܾøЧÀÍ¡£¡£¡£×°±¸ÐèÒªÖØÐÂÆô¶¯²Å»ªÕý³£ÔËÐС£¡£¡£

µ±×°±¸»º³åÇø×ÊÔ´ºÄ¾¡Ê±£¬£¬£¬£¬£¬£¬ £¬¿ÉÄÜÔÚϵͳÈÕÖ¾Öп´µ½ÒÔÏÂÐÂÎÅ£º

%PKT_INFRA-spp-4-PKT_ALLOC_FAIL : Failed to allocate n packets for sending

µ«»º³åÇø×ÊÔ´ºÄ¾¡Ò²¿ÉÄÜÊÇÎó²îʹÓÃÖ®ÍâµÄÆäËûÔµ¹ÊÔ­Óɵ¼ÖµÄ£¬£¬£¬£¬£¬£¬ £¬ÐèÏêϸÇéÐÎÏêϸÆÊÎö¡£¡£¡£


0x02 ´¦Öóͷ£½¨Òé

ÏÖÔÚCiscoÒѾ­ÐÞ¸´ÁË´ËÎó²î¡£¡£¡£½¨ÒéÉý¼¶ÖÁ£º

Cisco IOS XR 6.7.2¼°¸ü¸ß°æ±¾

Cisco IOS XR 7.1.2¼°¸ü¸ß°æ±¾

ÏÂÔصص㣺

https://software.cisco.com/download/find


0x03 ²Î¿¼Á´½Ó

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26070


0x04 ʱ¼äÏß

2020-11-10  CiscoÐû²¼Ç徲ͨ¸æ

2020-11-11  VSRCÐû²¼Ç徲ͨ¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/

 

image.png