PT-2018-1288 · Juniper Networks · Junos

Published: 2018-04-11 · Updated: 2019-10-09 · CVE-2018-0022

CVSS v2.0: 7.8 High
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Junos OS versions prior to 12.1X46-D76
Junos OS versions prior to 12.3X48-D66
Junos OS versions prior to 12.3X48-D70
Junos OS versions prior to 14.1R9
Junos OS versions prior to 14.1X53-D47
Junos OS versions prior to 14.2R8
Junos OS versions prior to 15.1F2-S19
Junos OS versions prior to 15.1F6-S10
Junos OS versions prior to 15.1R4-S9
Junos OS versions prior to 15.1R5-S7
Junos OS versions prior to 15.1R6-S4
Junos OS versions prior to 15.1R7
Junos OS versions prior to 15.1X49-D131
Junos OS versions prior to 15.1X49-D140
Junos OS versions prior to 15.1X53-D58 on EX2300/EX3400
Junos OS versions prior to 15.1X53-D233 on QFX5200/QFX5110
Junos OS versions prior to 15.1X53-D471 on NFX
Junos OS versions prior to 15.1X53-D66 on QFX10
Junos OS versions prior to 16.1R3-S8
Junos OS versions prior to 16.1R4-S6
Junos OS versions prior to 16.1R5
Junos OS versions prior to 16.2R1-S6
Junos OS versions prior to 16.2R2-S5
Junos OS versions prior to 16.2R3
Junos OS versions prior to 17.1R1-S7
Junos OS versions prior to 17.1R2-S6
Junos OS versions prior to 17.1R3
Junos OS versions prior to 17.2R1-S5
Junos OS versions prior to 17.2R2

Description

The issue is uncontrolled resource consumption when processing certain MPLS packets; a remote attacker can exploit it with specially crafted packets to cause a denial of service. It affects devices with VPLS routing-instances configured on one or more interfaces: processing a specific MPLS packet leaks an mbuf, approximately 1 mbuf per packet. Once the device runs out of mbufs, it becomes inaccessible and requires a restart. Only end devices are affected; transit devices are not.

Recommendations

For Junos OS versions prior to 12.1X46-D76, update to version 12.1X46-D76 or later.
For Junos OS versions prior to 12.3X48-D66, update to version 12.3X48-D66 or later.
For Junos OS versions prior to 12.3X48-D70, update to version 12.3X48-D70 or later.
For Junos OS versions prior to 14.1R9, update to version 14.1R9 or later.
For Junos OS versions prior to 14.1X53-D47, update to version 14.1X53-D47 or later.
For Junos OS versions prior to 14.2R8, update to version 14.2R8 or later.
For Junos OS versions prior to 15.1F2-S19, update to version 15.1F2-S19 or later.
For Junos OS versions prior to 15.1F6-S10, update to version 15.1F6-S10 or later.
For Junos OS versions prior to 15.1R4-S9, update to version 15.1R4-S9 or later.
For Junos OS versions prior to 15.1R5-S7, update to version 15.1R5-S7 or later.
For Junos OS versions prior to 15.1R6-S4, update to version 15.1R6-S4 or later.
For Junos OS versions prior to 15.1R7, update to version 15.1R7 or later.
For Junos OS versions prior to 15.1X49-D131, update to version 15.1X49-D131 or later.
For Junos OS versions prior to 15.1X49-D140, update to version 15.1X49-D140 or later.
For Junos OS versions prior to 15.1X53-D58 on EX2300/EX3400, update to version 15.1X53-D58 or later.
For Junos OS versions prior to 15.1X53-D233 on QFX5200/QFX5110, update to version 15.1X53-D233 or later.
For Junos OS versions prior to 15.1X53-D471 on NFX, update to version 15.1X53-D471 or later.
For Junos OS versions prior to 15.1X53-D66 on QFX10, update to version 15.1X53-D66 or later.
For Junos OS versions prior to 16.1R3-S8, update to version 16.1R3-S8 or later.
For Junos OS versions prior to 16.1R4-S6, update to version 16.1R4-S6 or later.
For Junos OS versions prior to 16.1R5, update to version 16.1R5 or later.
For Junos OS versions prior to 16.2R1-S6, update to version 16.2R1-S6 or later.
For Junos OS versions prior to 16.2R2-S5, update to version 16.2R2-S5 or later.
For Junos OS versions prior to 16.2R3, update to version 16.2R3 or later.
For Junos OS versions prior to 17.1R1-S7, update to version 17.1R1-S7 or later.
For Junos OS versions prior to 17.1R2-S6, update to version 17.1R2-S6 or later.
For Junos OS versions prior to 17.1R3, update to version 17.1R3 or later.
For Junos OS versions prior to 17.2R1-S5, update to version 17.2R1-S5 or later.
For Junos OS versions prior to 17.2R2, update to version 17.2R2 or later.

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2018-00781
CVE-2018-0022

Affected Products

Junos