PT-2019-3490 · Juniper Networks · Junos

Published: 2019-10-09 · Updated: 2021-07-21 · CVE-2019-0067

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Junos OS versions prior to 16.1R6-S2
Junos OS versions prior to 16.1R7
Junos OS versions prior to 16.2R2-S10
Junos OS versions prior to 17.1R3

Description

The issue exists due to insufficient input validation in the Routing Engine component of Junos OS. Exploitation of this issue may allow a remote attacker to cause a denial of service by sending specially crafted IPv6 packets. Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart. By continuously sending a specially crafted IPv6 packet, an attacker can repeatedly crash the system, causing a prolonged denial of service.

Recommendations

For versions prior to 16.1R6-S2, update to 16.1R6-S2 or later.
For versions prior to 16.1R7, update to 16.1R7 or later.
For versions prior to 16.2R2-S10, update to 16.2R2-S10 or later.
For versions prior to 17.1R3, update to 17.1R3 or later.

As a temporary workaround, consider restricting access to the Routing Engine component to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2019-03665
CVE-2019-0067

Affected Products

Junos