Cisco has released software updates that address both vulnerabilities.
However a workaround the for the Cisco IOS XR Vulnerability will be to verify that no more than 10 PCEs are configured in a single OSPF area.
To Get Updates Cisco Advises;
Customers with Service Contracts: Customers with contracts should obtain software through their regular update channels eg Through Software Navigator at http://www.cisco.com/cisco/software/navigator.html Customers Using Third-Party Support Organizations: The effectiveness of any workaround or fix depends on specific customer situations, such as product mix, network topology, traffic behavior, and organizational mission. Because of the variety of affected products and releases, customers should consult their service providers or support organizations to ensure that any applied workaround or fix is the most appropriate in the intended network before it is deployed.
Customers Without Service Contracts: obtain software patches and bug fixes by contacting the Cisco Technical Assistance Center (TAC): +32 2 704 5555 or e-mail: firstname.lastname@example.org Visit http://www.cisco.com/c/en/us/support/web /tsd-cisco-worldwide-contacts.html for more contact information Customers should have the product serial number available and be prepared to provide the URL of the Cisco advisory ( usually in the hyperlinks section of this advisory) as evidence of entitlement to a software patch or bug fix.