CISCO-SA-XRNCS-EPNI-INT-DOS-TWMFFUSN

Vulnerable Products:

This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco IOS XR Software, regardless of the device configuration:

NCS 5700 Series line cards with the following products IDs (PIDs): NC57-18DD-SE NC57-24DD NC57-36H-SE NC57-36H6D-S NC57-MOD-S

NCS 5700 Series Fixed Chassis with the following PIDs: NCS-57B1-5D24H-SE NCS-57B1-5DSE-SYS NCS-57B1-6D24-SYS NCS-57B1-6D24H-S

This vulnerability also affects Cisco IOS XR for Third Party Hardware if the third-party hardware has a Jericho 2 ASIC.

For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.

Determine Whether an Affected Line Card Is Installed

To determine if an affected line card is installed on a system, use the show inventory CLI command and look for the PIDs of affected line cards:

RP/0/RP0/CPU0:NCS_Router# show inventory Tue Feb 18 10:55:15.397 UTC NAME: "0/0", DESCR: "NCS 5700 18x400GE Line Card with TCAM" PID: NC57-18DD-SE , VID: V03, SN: JAE271602RT

NAME: "HundredGigE0/0/0/0", DESCR: "Cisco QSFP28 100G SR4 Pluggable Optics Module" PID: QSFP-100G-SR4-S , VID: V03, SN: INL270701RY

NAME: "FourHundredGigE0/0/0/18", DESCR: "Cisco QSFPDD 400G DR4 Pluggable Optics Module" PID: QDD-400G-DR4-S , VID: V02 , SN: INL27060SZ7

NAME: "0/1", DESCR: "NCS 5700 36x100GE 6x400GE Line Card" PID: NC57-36H6D-S , VID: V01, SN: JAE27170FQG

NAME: "0/2", DESCR: "NCS 5700 2XMPA Scaled Line Card, MACSec" PID: NC55-MOD-A-SE-S , VID: V02, SN: JAE2714041Y

NAME: "GigabitEthernet0/2/0/4", DESCR: "Cisco SFP 1G 1000BASE-SX Pluggable Optics Module" PID: SFP-GE-S , VID: V01, SN: FNS11510HSN

NAME: "0/3", DESCR: "NCS 5700 36x100GE Line Card with TCAM" PID: NC57-36H-SE , VID: V02, SN: JAE271406WCProducts Confirmed Not Vulnerable:

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to...