CVE-2024-20304
HIGHDescription
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to exhaust the incoming UDP packet memory. The affected device would not be able to process higher-level UDP-based protocols packets, possibly causing a denial of service (DoS) condition. Note: This vulnerability can be exploited using IPv4 or IPv6.
Is your site exposed to CVE-2024-20304?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
| cisco | ios_xr |
References
Frequently Asked Questions
What is CVE-2024-20304? +
How severe is CVE-2024-20304? +
What products are affected by CVE-2024-20304? +
How do I check if I'm vulnerable to CVE-2024-20304? +
Related Vulnerabilities
A denial-of-service security issue exists within the 1794-AENTR adapter due to improper memory handling of CIP protocol requests. This vulnerability …
Virtual attribute handling in Ping Identity PingDirectory in affected versions allows only authorized users to exhaust java memory heap when …
Missing Release of Memory after Effective Lifetime vulnerability in leandrocp mdex and mdex_native allows an attacker who controls a rendered …
imlib2 v1.9.1 was discovered to mishandle memory allocation in the function init_imlib_fonts().
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall …
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall …