CVE-2017-10618

Name of the Vulnerable Software and Affected Versions Junos OS versions 13.3 prior to 13.3R10-S2 Junos OS versions 14.1 prior to 14.1R8-S4, 14.1R9 Junos OS versions 14.1X50 prior to 14.1X50-D185 Junos OS versions 14.1X53 prior to 14.1X53-D45, 14.1X53-D50 Junos OS versions 14.2 prior to 14.2R7-S7, 14.2R8 Junos OS versions 15.1 prior to 15.1F5-S8, 15.1F6-S7, 15.1R5-S6, 15.1R6-S2, 15.1R7 Junos OS versions 15.1X49 prior to 15.1X49-D100 Junos OS versions 15.1X53 prior to 15.1X53-D64, 15.1X53-D70 Junos OS versions 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R5 Junos OS versions 16.2 prior to 16.2R1-S5, 16.2R2 Junos OS versions 17.1 prior to 17.1R1-S3, 17.1R2 Junos OS versions 17.2 prior to 17.2R1-S2, 17.2R2 Junos OS versions 17.2X75 prior to 17.2X75-D50

Description The issue occurs when the 'bgp-error-tolerance' feature is enabled, allowing a BGP UPDATE with specifically crafted transitive attributes to cause the RPD routing process to crash and restart. Devices with BGP enabled that do not have 'bgp-error-tolerance' configured are not affected.

Recommendations For each affected version, update to the respective fixed release or later to resolve the issue. Update to Junos OS 13.3R10-S2 or later for versions 13.3 prior to 13.3R10-S2 Update to Junos OS 14.1R8-S4, 14.1R9 or later for versions 14.1 prior to 14.1R8-S4, 14.1R9 Update to Junos OS 14.1X50-D185 or later for versions 14.1X50 prior to 14.1X50-D185 Update to Junos OS 14.1X53-D45, 14.1X53-D50 or later for versions 14.1X53 prior to 14.1X53-D45, 14.1X53-D50 Update to Junos OS 14.2R7-S7, 14.2R8 or later for versions 14.2 prior to 14.2R7-S7, 14.2R8 Update to Junos OS 15.1F5-S8, 15.1F6-S7, 15.1R5-S6, 15.1R6-S2, 15.1R7 or later for versions 15.1 prior to 15.1F5-S8, 15.1F6-S7, 15.1R5-S6, 15.1R6-S2, 15.1R7 Update to Junos OS 15.1X49-D100 or later for versions 15.1X49 prior to 15.1X49-D100 Update to Junos OS 15.1X53-D64, 15.1X53-D70 or later for versions 15.1X53 prior to 15.1X53-D64, 15.1X53-D70 Update to Junos OS 16.1R3-S4, 16.1R4-S3, 16.1R5 or later for versions 16.1 prior to 16.1R3-S4, 16.1R4-S3, 16.1R5 Update to Junos OS 16.2R1-S5, 16.2R2 or later for versions 16.2 prior to 16.2R1-S5, 16.2R2 Update to Junos OS 17.1R1-S3, 17.1R2 or later for versions 17.1 prior to 17.1R1-S3, 17.1R2 Update to Junos OS 17.2R1-S2, 17.2R2 or later for versions 17.2 prior to 17.2R1-S2, 17.2R2 Update to Junos OS 17.2X75-D50 or later for versions 17.2X75 prior to 17.2X75-D50