Cisco Cisco IOS Software Release 15.0(1)XA
13
Release Notes for Cisco 2800 Series Integrated Services Routers with Cisco IOS Release 15.0(1)XA
OL-20857-06
Caveats
Resolved Caveats - Release 15.0(1)XA5
Note
This will be the last rebuild of the Cisco IOS XA release. No further DDTS will be committed to this
branch. The migration path for this release is 15.1T or a later release.
branch. The migration path for this release is 15.1T or a later release.
CSCth03022 Crafted SIP packets may cause device to reload.
Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS
Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a
reload of an affected device or trigger memory leaks that may result in system instabilities. Affected
devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable.
Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a
reload of an affected device or trigger memory leaks that may result in system instabilities. Affected
devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable.
Cisco has released free software updates that address these vulnerabilities. There are no workarounds
for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.
for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.
This advisory is posted at
.
CSCti33534 "no ipv6 address autoconfig" may cause crash after router advert flood.
Symptom
After launching a flood of random IPv6 router advertisements when an interface is configured
with ''ipv6 address autoconf'', removing the IPv6 configuration on the interface with ''no ipv6 address
autoconf'' may cause a reload. Other system instabilities are also possible during and after the flood of
random IPv6 router advertisements.
autoconf'' may cause a reload. Other system instabilities are also possible during and after the flood of
random IPv6 router advertisements.
Conditions
Cisco IOS is configured with ''ipv6 address autoconf''.
Workaround
Not using IPv6 auto-configuration may be used as a workaround.
Note
Cisco IOS checks for the hop limit field in incoming Neighbour Discovery messages and packets
received with a hop limit not equal to 255 are discarded. This means that the flood of ND messages has
to come from a host that is directly connected to the Cisco IOS device.
received with a hop limit not equal to 255 are discarded. This means that the flood of ND messages has
to come from a host that is directly connected to the Cisco IOS device.