PT-2019-2801 · Juniper Networks · Junos
Published: 2019-07-10 · Updated: 2021-10-28 · CVE-2019-0049
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Junos OS versions prior to 16.1R7-S3
Junos OS versions prior to 16.2R2-S9
Junos OS versions prior to 17.1R3
Junos OS versions prior to 17.2R3
Junos OS versions prior to 17.2X75-D105
Junos OS versions prior to 17.3R3-S2
Junos OS versions prior to 17.4R1-S7
Junos OS versions prior to 17.4R2-S2
Junos OS versions prior to 17.4R3
Junos OS versions prior to 18.1R3-S2
Junos OS versions prior to 18.2R2
Junos OS versions prior to 18.2X75-D12
Junos OS versions prior to 18.2X75-D30
Junos OS versions prior to 18.3R1-S4
Junos OS versions prior to 18.3R2
Description
The issue exists due to insufficient input validation in the BGP protocol implementation of Junos OS. A certain sequence of BGP session restarts on a remote peer with the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart, leading to a Denial of Service (DoS). Repeated crashes of the RPD process can cause prolonged DoS. The BGP graceful restart helper mode is enabled by default.
Recommendations
For Junos OS versions prior to 16.1R7-S3, update to 16.1R7-S3 or later.
For Junos OS versions prior to 16.2R2-S9, update to 16.2R2-S9 or later.
For Junos OS versions prior to 17.1R3, update to 17.1R3 or later.
For Junos OS versions prior to 17.2R3, update to 17.2R3 or later.
For Junos OS versions prior to 17.2X75-D105, update to 17.2X75-D105 or later.
For Junos OS versions prior to 17.3R3-S2, update to 17.3R3-S2 or later.
For Junos OS versions prior to 17.4R1-S7, update to 17.4R1-S7 or later.
For Junos OS versions prior to 17.4R2-S2, update to 17.4R2-S2 or later.
For Junos OS versions prior to 17.4R3, update to 17.4R3 or later.
For Junos OS versions prior to 18.1R3-S2, update to 18.1R3-S2 or later.
For Junos OS versions prior to 18.2R2, update to 18.2R2 or later.
For Junos OS versions prior to 18.2X75-D12, update to 18.2X75-D12 or later.
For Junos OS versions prior to 18.2X75-D30, update to 18.2X75-D30 or later.
For Junos OS versions prior to 18.3R1-S4, update to 18.3R1-S4 or later.
For Junos OS versions prior to 18.3R2, update to 18.3R2 or later.
Fix
DoS
RCE
Improper Resource Release
Related Identifiers
Affected Products
Junos