Cisco Blogs


Cisco Blog > Security

Cisco IOS Queue Wedges Explained

An interface queue wedge is a class of vulnerability in which certain packets are received and queued by a Cisco IOS router or switch, but due to a processing error, are never removed from the queue. This is a problem as there are a finite number of packets that may be queued on an individual interface. Should the queue become full, the device will be unable to receive new traffic via that interface.

Although this type of problem could affect any networked device, queue wedges are a classic security problem for Cisco IOS. There have been several instances of queue wedges on Cisco IOS that resulted in Cisco Security Advisories. Here are some examples:

In order to gain a better understanding of why these vulnerabilities exist and are considered severe, we need to examine things in a bit more detail.

Read More »

Tags: , ,