CVE-2017-10611

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 14.1R8-S5 Junos OS versions 14.1X53 prior to 14.1X53-D46 Junos OS versions 14.1X53 prior to 14.1X53-D50 Junos OS versions 14.2 prior to 14.2R7-S9 Junos OS versions 14.2 prior to 14.2R8 Junos OS versions 15.1 prior to 15.1F5-S8 Junos OS versions 15.1 prior to 15.1F6-S8 Junos OS versions 15.1 prior to 15.1R5-S3 Junos OS versions 15.1 prior to 15.1R6 Junos OS versions 16.1 prior to 16.1R4-S5 Junos OS versions 16.1 prior to 16.1R5 Junos OS versions 16.1 prior to 16.1R6 Junos OS versions 16.1X65 prior to 16.1X65-D45 Junos OS versions 16.2 prior to 16.2R2-S1 Junos OS versions 16.2 prior to 16.2R3 Junos OS versions 17.1 prior to 17.1R2-S2 Junos OS versions 17.1 prior to 17.1R3 Junos OS versions 17.2 prior to 17.2R1-S3 Junos OS versions 17.2 prior to 17.2R2 Junos OS versions 17.2X75 prior to 17.2X75-D50 Junos OS versions 17.3 prior to 17.3R1-S1 Junos OS versions 17.3 prior to 17.3R2

Description When extended statistics are enabled via 'set chassis extended-statistics', executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, can cause the pfem process or the FPC to crash and restart. Repeated crashes of PFE processing can result in an extended denial of service condition. This issue affects specific platforms, including EX2200, EX3300, XRE200, and MX Series routers with MPC7E/8E/9E PFEs installed, only if 'extended-statistics' are enabled under the [edit chassis] configuration.

Recommendations For Junos OS versions prior to 14.1R8-S5, update to 14.1R8-S5 or later. For Junos OS versions 14.1X53 prior to 14.1X53-D46, update to 14.1X53-D46 or later. For Junos OS versions 14.1X53 prior to 14.1X53-D50, update to 14.1X53-D50 or later. For Junos OS versions 14.2 prior to 14.2R7-S9, update to 14.2R7-S9 or later. For Junos OS versions 14.2 prior to 14.2R8, update to 14.2R8 or later. For Junos OS versions 15.1 prior to 15.1F5-S8, update to 15.1F5-S8 or later. For Junos OS versions 15.1 prior to 15.1F6-S8, update to 15.1F6-S8 or later. For Junos OS versions 15.1 prior to 15.1R5-S3, update to 15.1R5-S3 or later. For Junos OS versions 15.1 prior to 15.1R6, update to 15.1R6 or later. For Junos OS versions 16.1 prior to 16.1R4-S5, update to 16.1R4-S5 or later. For Junos OS versions 16.1 prior to 16.1R5, update to 16.1R5 or later. For Junos OS versions 16.1 prior to 16.1R6, update to 16.1R6 or later. For Junos OS versions 16.1X65 prior to 16.1X65-D45, update to 16.1X65-D45 or later. For Junos OS versions 16.2 prior to 16.2R2-S1, update to 16.2R2-S1 or later. For Junos OS versions 16.2 prior to 16.2R3, update to 16.2R3 or later. For Junos OS versions 17.1 prior to 17.1R2-S2, update to 17.1R2-S2 or later. For Junos OS versions 17.1 prior to 17.1R3, update to 17.1R3 or later. For Junos OS versions 17.2 prior to 17.2R1-S3, update to 17.2R1-S3 or later. For Junos OS versions 17.2 prior to 17.2R2, update to 17.2R2 or later. For Junos OS versions 17.2X75 prior to 17.2X75-D50, update to 17.2X75-D50 or later. For Junos OS versions 17.3 prior to 17.3R1-S1, update to 17.3R1-S1 or later. For Junos OS versions 17.3 prior to 17.3R2, update to 17.3R2 or later.