CISCO-SA-MULTICAST-ERMRSVQ7

Vulnerable Products:

This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco IOS XR 64-bit Software and have a vulnerable configuration enabled for any of the installed line cards:

ASR 9000 Series Aggregation Services Routers if they have a Lightspeed or Lightspeed-Plus-based line card installed ASR 9902 Compact High-Performance Routers ASR 9903 Compact High-Performance Routers

For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.

This vulnerability was introduced by the code that fixed Cisco bug ID CSCwf56155 ["https://bst.cisco.com/bugsearch/bug/CSCwf56155"]. Any software release or SMU that includes that fix is vulnerable. For more information, see Cisco IOS XR Software for ASR 9000 Series Routers IPv4 Unicast Packets Denial of Service Vulnerability ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4uni-LfM3cfBu"]. Determine Which Line Cards Are Installed To determine which line cards are installed in the device, use the show platform CLI command.

Cisco ASR 9902 and 9903 Compact High-Performance Routers integrate a Lightspeed-Plus-based line card.

The following line cards are Lightspeed-based:

A9K-16X100GE-TR A99-16X100GE-X-SE A99-32X100GE-TR

The following line cards are Lightspeed-Plus-based:

A9K-4HG-FLEX-SE A9K-4HG-FLEX-TR A9K-8HG-FLEX-SE A9K-8HG-FLEX-TR A9K-20HG-FLEX-SE A9K-20HG-FLEX-TR A99-4HG-FLEX-SE A99-4HG-FLEX-TR A99-10X400GE-X-SE A99-10X400GE-X-TR A99-32X100GE-X-SE A99-32X100GE-X-TR

For more information about line card type identification, see ASR 9000 Series Line Card Types ["https://www.cisco.com/c/en/us/support/docs/routers/asr-9000-series-aggregation-services-routers/116726-qanda-product-00.html"].

Note: The Cisco Lightspeed-Plus list of product identifiers was accurate at the time of publication. For specific questions and further...