CVE-2019-0003

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 12.1X46-D77 Junos OS versions prior to 12.3R12-S10 Junos OS versions prior to 12.3X48-D70 Junos OS versions prior to 14.1X53-D47 Junos OS versions prior to 15.1R3 Junos OS versions prior to 15.1F3 Junos OS versions prior to 15.1X49-D140 Junos OS versions prior to 15.1X53-D59

Description: The issue is related to incorrect data processing in the Junos operating system. Exploitation of this issue may allow a remote attacker to cause a denial of service due to a crash of the routing protocol daemon (rpd) process. This can occur when a specific BGP flowspec configuration is enabled and a specific matching BGP packet is received, causing a reachable assertion failure.

Recommendations: For versions prior to 12.1X46-D77, update to 12.1X46-D77 or later. For versions prior to 12.3R12-S10, update to 12.3R12-S10 or later. For versions prior to 12.3X48-D70, update to 12.3X48-D70 or later. For versions prior to 14.1X53-D47, update to 14.1X53-D47 or later. For versions prior to 15.1R3, update to 15.1R3 or later. For versions prior to 15.1F3, update to 15.1F3 or later. For versions prior to 15.1X49-D140, update to 15.1X49-D140 or later. For versions prior to 15.1X53-D59, update to 15.1X53-D59 or later.