CVE-2017-2346

Name of the Vulnerable Software and Affected Versions Junos OS versions 14.1X55-D30 through 14.1X55-D35 Junos OS versions 14.2R7 through 14.2R7-S4 Junos OS versions 15.1R5 through 15.1R5-S2 Junos OS versions 16.1R2 through 16.1R3-S2

Description The issue occurs when large fragmented packets are passed through an Application Layer Gateway (ALG) in Junos OS, potentially causing an MS-MPC or MS-MIC Service PIC to crash. Repeated crashes can result in an extended denial of service condition. This issue is only seen if NAT or stateful-firewall rules are configured with ALGs enabled.

Recommendations For Junos OS version 14.1X55-D30, update to version 14.1X55-D35 or later. For Junos OS version 14.2R7, update to version 14.2R7-S4, 14.2R8 or later. For Junos OS version 15.1R5, update to version 15.1R5-S2, 15.1R6 or later. For Junos OS version 16.1R2, update to version 16.1R3-S2, 16.1R4 or later.