CVE-2017-2301

Name of the Vulnerable Software and Affected Versions Junos OS versions 11.4 prior to 11.4R13-S3 Junos OS versions 12.1X46 prior to 12.1X46-D60 Junos OS versions 12.3 prior to 12.3R12-S2 or 12.3R13 Junos OS versions 12.3X48 prior to 12.3X48-D40 Junos OS versions 13.2X51 prior to 13.2X51-D40 Junos OS versions 13.3 prior to 13.3R10 Junos OS versions 14.1 prior to 14.1R8 Junos OS versions 14.1X53 prior to 14.1X53-D12 or 14.1X53-D35 Junos OS versions 14.1X55 prior to 14.1X55-D35 Junos OS versions 14.2 prior to 14.2R7 Junos OS versions 15.1 prior to 15.1F6 or 15.1R3 Junos OS versions 15.1X49 prior to 15.1X49-D60 Junos OS versions 15.1X53 prior to 15.1X53-D30

Description The issue is related to the improper handling of data by the jdhcpd daemon in the Junos operating system. This can be exploited by a remote attacker using a specially crafted DHCPv6 packet, leading to the crash and restart of the jdhcpd daemon. Repeated crashes may cause an extended denial of service condition for subscribers attempting to obtain IPv6 addresses.

Recommendations For Junos OS versions 11.4 prior to 11.4R13-S3, update to 11.4R13-S3 or later. For Junos OS versions 12.1X46 prior to 12.1X46-D60, update to 12.1X46-D60 or later. For Junos OS versions 12.3 prior to 12.3R12-S2 or 12.3R13, update to 12.3R12-S2, 12.3R13, or later. For Junos OS versions 12.3X48 prior to 12.3X48-D40, update to 12.3X48-D40 or later. For Junos OS versions 13.2X51 prior to 13.2X51-D40, update to 13.2X51-D40 or later. For Junos OS versions 13.3 prior to 13.3R10, update to 13.3R10 or later. For Junos OS versions 14.1 prior to 14.1R8, update to 14.1R8 or later. For Junos OS versions 14.1X53 prior to 14.1X53-D12 or 14.1X53-D35, update to 14.1X53-D12, 14.1X53-D35, or later. For Junos OS versions 14.1X55 prior to 14.1X55-D35, update to 14.1X55-D35 or later. For Junos OS versions 14.2 prior to 14.2R7, update to 14.2R7 or later. For Junos OS versions 15.1 prior to 15.1F6 or 15.1R3, update to 15.1F6, 15.1R3, or later. For Junos OS versions 15.1X49 prior to 15.1X49-D60, update to 15.1X49-D60 or later. For Junos OS versions 15.1X53 prior to 15.1X53-D30, update to 15.1X53-D30 or later. As a temporary workaround, consider disabling DHCPv6 until a patch is available.