CVE-2018-0003

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 12.1X46-D71 Junos OS versions prior to 12.3R12-S7 Junos OS versions prior to 12.3X48-D55 Junos OS versions prior to 14.1R8-S5 Junos OS versions prior to 14.1R9 Junos OS versions prior to 14.1X53-D45 Junos OS versions prior to 14.1X53-D107 Junos OS versions prior to 14.2R7-S7 Junos OS versions prior to 14.2R8 Junos OS versions prior to 15.1F5-S8 Junos OS versions prior to 15.1F6-S8 Junos OS versions prior to 15.1R5-S6 Junos OS versions prior to 15.1R6-S3 Junos OS versions prior to 15.1R7 Junos OS versions prior to 15.1X49-D100 Junos OS versions prior to 15.1X53-D65 Junos OS versions prior to 15.1X53-D231 Junos OS versions prior to 16.1R3-S6 Junos OS versions prior to 16.1R4-S6 Junos OS versions prior to 16.1R5 Junos OS versions prior to 16.1X65-D45 Junos OS versions prior to 16.2R2-S1 Junos OS versions prior to 16.2R3 Junos OS versions prior to 17.1R2-S2 Junos OS versions prior to 17.1R3 Junos OS versions prior to 17.2R1-S3 Junos OS versions prior to 17.2R2 Junos OS versions prior to 17.2X75-D50

Description: A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is accessed, this may result in a kernel crash leading to a denial of service.

Recommendations: Update to a version of Junos OS that is not affected by this issue, such as 12.1X46-D71 or later, 12.3R12-S7 or later, 12.3X48-D55 or later, 14.1R8-S5 or later, 14.1R9 or later, 14.1X53-D45 or later, 14.1X53-D107 or later, 14.2R7-S7 or later, 14.2R8 or later, 15.1F5-S8 or later, 15.1F6-S8 or later, 15.1R5-S6 or later, 15.1R6-S3 or later, 15.1R7 or later, 15.1X49-D100 or later, 15.1X53-D65 or later, 15.1X53-D231 or later, 16.1R3-S6 or later, 16.1R4-S6 or later, 16.1R5 or later, 16.1X65-D45 or later, 16.2R2-S1 or later, 16.2R3 or later, 17.1R2-S2 or later, 17.1R3 or later, 17.2R1-S3 or later, 17.2R2 or later, 17.2X75-D50 or later.