PT-2017-11402 · Juniper Networks · Junos

Published 2017-07-14 · Updated 2019-10-09 · CVE-2017-10605

CVSS v3.1: 8.6 High

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Junos OS versions prior to 12.1X46-D67 on vSRX or SRX Series
Junos OS versions prior to 12.3X48-D50 on vSRX or SRX Series
Junos OS versions prior to 15.1X49-D91, 15.1X49-D100 on vSRX or SRX Series

Description

A specially crafted packet might cause the flowd process to crash when DHCP or DHCP relay is configured on vSRX and SRX Series devices, potentially leading to a denial of service condition. Repeated crashes may cause extended interruptions, and in high-availability configurations, the primary node may fail over to the secondary node. Sustained crafted packets may cause the secondary node to fail or completely halt the flowd process on both nodes.

Recommendations

For Junos OS versions prior to 12.1X46-D67 on vSRX or SRX Series, update to version 12.1X46-D67 or later.
For Junos OS versions prior to 12.3X48-D50 on vSRX or SRX Series, update to version 12.3X48-D50 or later.
For Junos OS versions prior to 15.1X49-D91, 15.1X49-D100 on vSRX or SRX Series, update to version 15.1X49-D91, 15.1X49-D100 or later.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

CVE-2017-10605

Affected Products

Junos