CVE-2019-0019

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 16.1R7-S4, 16.1R7-S5 Junos OS versions prior to 16.2R2-S9, 16.2R3 Junos OS versions prior to 17.1R3 Junos OS versions prior to 17.2R3-S1 Junos OS versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4 Junos OS versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3 Junos OS versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4 Junos OS versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3 Junos OS versions prior to 18.2X75-D40 Junos OS versions prior to 18.3R1-S3, 18.3R2 Junos OS versions prior to 18.4R1-S2, 18.4R2

Description The issue exists due to insufficient input validation in the BGP component of the Junos OS. This can cause the routing protocol daemon (rpd) process to crash and restart when BGP tracing is enabled and an incoming BGP message is received. Repeated crashes can result in an extended denial-of-service (DoS) condition.

Recommendations For Junos OS versions prior to 16.1R7-S4, 16.1R7-S5, update to 16.1R7-S4 or later. For Junos OS versions prior to 16.2R2-S9, 16.2R3, update to 16.2R2-S9 or later. For Junos OS versions prior to 17.1R3, update to 17.1R3 or later. For Junos OS versions prior to 17.2R3-S1, update to 17.2R3-S1 or later. For Junos OS versions prior to 17.3R3-S3, 17.3R3-S4, 17.3R4, update to 17.3R3-S3 or later. For Junos OS versions prior to 17.4R1-S7, 17.4R2-S3, 17.4R2-S4, 17.4R3, update to 17.4R1-S7 or later. For Junos OS versions prior to 18.1R2-S4, 18.1R3-S4, 18.1R4, update to 18.1R2-S4 or later. For Junos OS versions prior to 18.2R2-S2, 18.2R2-S3, 18.2R3, update to 18.2R2-S2 or later. For Junos OS versions prior to 18.2X75-D40, update to 18.2X75-D40 or later. For Junos OS versions prior to 18.3R1-S3, 18.3R2, update to 18.3R1-S3 or later. For Junos OS versions prior to 18.4R1-S2, 18.4R2, update to 18.4R1-S2 or later.