Cisco CRS Carrier Grade Services for CRS-1 and CRS-3 are affected. For information about affected releases, see the associated Cisco bug, which is accessible through the Cisco Bug Search Tool
Cisco CRS running an affected version of IOS XR and configured to process IPv6 over MPLS packets is affected. The affected router must strip the MPLS label and parse the crafted IPv6 packet. IPv6 packets received without an MPLS label do not trigger the vulnerability.
On line cards based on CRS-1 or CRS-3, the processing of the packets will result in a crash. On cards based on CRS-X, packet processing will result in a packet processing engine (PPE) dump.
No other Cisco products are currently known to be affected by this vulnerability.