PT-2017-1993 · Juniper Networks · Junos

Published 2017-04-24 · Updated 2017-07-11 · CVE-2017-2340

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Junos OS versions 15.1R3 through 15.1R4
Junos OS version 16.1 prior to 16.1R3

Description

The issue exists due to insufficient input validation in a component of the Juniper Networks Junos operating system. A remote attacker can exploit it to cause the Packet Forwarding Engine (PFE) to hang or crash. The vulnerability is specifically related to the processing of IPv6 Neighbor Discovery (ND) packets originating from subscribers and destined to M/MX series routers, particularly when Enhanced Subscriber Management for DHCPv6 subscribers is configured.

Recommendations

For Junos OS versions 15.1R3 through 15.1R4, update to a version outside of this range to resolve the issue. For Junos OS version 16.1 prior to 16.1R3, update to version 16.1R3 or later to fix the vulnerability. As a temporary workaround, consider restricting the processing of IPv6 ND packets from subscribers to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2017-01158
CVE-2017-2340

Affected Products

Junos