PT-2018-1758 · Juniper Networks · Junos
Published: 2018-10-10 · Updated: 2021-06-21 · CVE-2018-0043
CVSS v3.1: 8.8 (High)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Junos OS versions prior to 12.1X46-D77 on SRX Series
Junos OS versions prior to 12.3R12-S10
Junos OS versions prior to 12.3X48-D75 on SRX Series
Junos OS versions prior to 14.1X53-D47 on QFX/EX Series
Junos OS versions prior to 14.1X53-D130 on QFabric Series
Junos OS versions prior to 15.1F6-S10
Junos OS versions prior to 15.1R4-S9
Junos OS versions prior to 15.1R7
Junos OS versions prior to 15.1X49-D140 on SRX Series
Junos OS versions prior to 15.1X53-D59 on EX2300/EX3400 Series
Junos OS versions prior to 15.1X53-D67 on QFX10K Series
Junos OS versions prior to 15.1X53-D233 on QFX5200/QFX5110 Series
Junos OS versions prior to 15.1X53-D471
Junos OS versions prior to 15.1X53-D490 on NFX Series
Junos OS versions prior to 16.1R3-S8
Junos OS versions prior to 16.1R4-S8
Junos OS versions prior to 16.1R5-S4
Junos OS versions prior to 16.1R6-S4
Junos OS versions prior to 16.1R7
Junos OS versions prior to 16.1X65-D48
Junos OS versions prior to 16.2R1-S6
Junos OS versions prior to 16.2R3
Junos OS versions prior to 17.1R1-S7
Junos OS versions prior to 17.1R2-S6
Junos OS versions prior to 17.1R3
Junos OS versions prior to 17.2R1-S6
Junos OS versions prior to 17.2R2-S3
Junos OS versions prior to 17.2R3
Junos OS versions prior to 17.2X75-D100
Junos OS versions prior to 17.2X75-D42
Junos OS versions prior to 17.2X75-D91
Junos OS versions prior to 17.3R1-S4
Junos OS versions prior to 17.3R2-S2
Junos OS versions prior to 17.3R3
Junos OS versions prior to 17.4R1-S3
Junos OS versions prior to 17.4R2
Description
The issue is caused by errors in handling input data in the Routing Protocols Daemon (RPD) process of the Junos OS. Receipt of a specific MPLS packet may cause the RPD process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an attacker can repeatedly crash the RPD process, causing a sustained Denial of Service. This issue affects both IPv4 and IPv6 and can only be exploited from within the MPLS domain. End-users connected to the CE device cannot cause this crash.
Recommendations
As a temporary workaround, consider disabling the RPD process until a patch is available.
Restrict access to the MPLS domain to minimize the risk of exploitation.
Avoid using the affected Junos OS versions until the issue is resolved.
Update to a fixed version of Junos OS for each affected series.
For versions prior to 12.1X46-D77 on SRX Series, update to 12.1X46-D77 or later.
For versions prior to 12.3R12-S10, update to 12.3R12-S10 or later.
For versions prior to 12.3X48-D75 on SRX Series, update to 12.3X48-D75 or later.
For versions prior to 14.1X53-D47 on QFX/EX Series, update to 14.1X53-D47 or later.
For versions prior to 14.1X53-D130 on QFabric Series, update to 14.1X53-D130 or later.
For versions prior to 15.1F6-S10, update to 15.1F6-S10 or later.
For versions prior to 15.1R4-S9, update to 15.1R4-S9 or later.
For versions prior to 15.1R7, update to 15.1R7 or later.
For versions prior to 15.1X49-D140 on SRX Series, update to 15.1X49-D140 or later.
For versions prior to 15.1X53-D59 on EX2300/EX3400 Series, update to 15.1X53-D59 or later.
For versions prior to 15.1X53-D67 on QFX10K Series, update to 15.1X53-D67 or later.
For versions prior to 15.1X53-D233 on QFX5200/QFX5110 Series, update to 15.1X53-D233 or later.
For versions prior to 15.1X53-D471, update to 15.1X53-D471 or later.
For versions prior to 15.1X53-D490 on NFX Series, update to 15.1X53-D490 or later.
For versions prior to 16.1R3-S8, update to 16.1R3-S8 or later.
For versions prior to 16.1R4-S8, update to 16.1R4-S8 or later.
For versions prior to 16.1R5-S4, update to 16.1R5-S4 or later.
For versions prior to 16.1R6-S4, update to 16.1R6-S4 or later.
For versions prior to 16.1R7, update to 16.1R7 or later.
For versions prior to 16.1X65-D48, update to 16.1X65-D48 or later.
For versions prior to 16.2R1-S6, update to 16.2R1-S6 or later.
For versions prior to 16.2R3, update to 16.2R3 or later.
For versions prior to 17.1R1-S7, update to 17.1R1-S7 or later.
For versions prior to 17.1R2-S6, update to 17.1R2-S6 or later.
For versions prior to 17.1R3, update to 17.1R3 or later.
For versions prior to 17.2R1-S6, update to 17.2R1-S6 or later.
For versions prior to 17.2R2-S3, update to 17.2R2-S3 or later.
For versions prior to 17.2R3, update to 17.2R3 or later.
For versions prior to 17.2X75-D100, update to 17.2X75-D100 or later.
For versions prior to 17.2X75-D42, update to 17.2X75-D42 or later.
For versions prior to 17.2X75-D91, update to 17.2X75-D91 or later.
For versions prior to 17.3R1-S4, update to 17.3R1-S4 or later.
For versions prior to 17.3R2-S2, update to 17.3R2-S2 or later.
For versions prior to 17.3R3, update to 17.3R3 or later.
For versions prior to 17.4R1-S3, update to 17.4R1-S3 or later.
For versions prior to 17.4R2, update to 17.4R2 or later.
Fix
RCE
DoS
Affected Products
Junos