CVE-2019-0011

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 17.2R1-S7, 17.2R3 Juniper Networks Junos OS versions prior to 17.3R3-S3 Juniper Networks Junos OS versions prior to 17.4R1-S4, 17.4R2 Juniper Networks Junos OS versions prior to 17.2X75-D110 Juniper Networks Junos OS versions prior to 18.1R2

Description The issue is related to errors in processing packets destined for another address, which can cause the kernel to crash. An attacker can exploit this by continuously sending specially crafted packets to the out-of-band management interface, such as fxp0, me0, em0, or vme0, resulting in a sustained Denial of Service.

Recommendations For versions prior to 17.2R1-S7, 17.2R3, update to 17.2R1-S7 or later. For versions prior to 17.3R3-S3, update to 17.3R3-S3 or later. For versions prior to 17.4R1-S4, 17.4R2, update to 17.4R1-S4 or later. For versions prior to 17.2X75-D110, update to 17.2X75-D110 or later. For versions prior to 18.1R2, update to 18.1R2 or later. As a temporary workaround, consider restricting access to the out-of-band management interface to minimize the risk of exploitation.