PT-2018-8587 · Juniper Networks · Junos

Published: 2018-10-10 · Updated: 2019-10-09 · CVE-2018-0055

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Junos OS versions 15.1 through 18.2X75-D20, specifically:
Junos OS versions 15.1 prior to 15.1R7-S2
Junos OS versions 15.1X49 prior to 15.1X49-D160
Junos OS versions 15.1X53 prior to 15.1X53-D235, 15.1X53-D495
Junos OS versions 16.1 prior to 16.1R4-S11, 16.1R6-S6, 16.1R7-S2
Junos OS versions 16.2 prior to 16.2R2-S7
Junos OS versions 17.1 prior to 17.1R2-S9
Junos OS versions 17.2 prior to 17.2R2-S6
Junos OS versions 17.3 prior to 17.3R3-S1
Junos OS versions 17.4 prior to 17.4R1-S5
Junos OS versions 18.1 prior to 18.1R2-S3
Junos OS versions 18.2 prior to 18.2R1-S2
Junos OS versions 18.2X75 prior to 18.2X75-D20

Description: Receipt of a specially crafted DHCPv6 message may cause the jdhcpd daemon to crash, potentially leading to an extended denial of service condition if the messages are received continuously. This issue affects devices configured as DHCP servers in a Broadband Edge environment. Devices not configured to act as a DHCP server are not vulnerable.

Recommendations:
For Junos OS versions 15.1 prior to 15.1R7-S2, update to 15.1R7-S2 or later.
For Junos OS versions 15.1X49 prior to 15.1X49-D160, update to 15.1X49-D160 or later.
For Junos OS versions 15.1X53 prior to 15.1X53-D235, 15.1X53-D495, update to 15.1X53-D235, 15.1X53-D495 or later.
For Junos OS versions 16.1 prior to 16.1R4-S11, 16.1R6-S6, 16.1R7-S2, update to 16.1R4-S11, 16.1R6-S6, 16.1R7-S2 or later.
For Junos OS versions 16.2 prior to 16.2R2-S7, update to 16.2R2-S7 or later.
For Junos OS versions 17.1 prior to 17.1R2-S9, update to 17.1R2-S9 or later.
For Junos OS versions 17.2 prior to 17.2R2-S6, update to 17.2R2-S6 or later.
For Junos OS versions 17.3 prior to 17.3R3-S1, update to 17.3R3-S1 or later.
For Junos OS versions 17.4 prior to 17.4R1-S5, update to 17.4R1-S5 or later.
For Junos OS versions 18.1 prior to 18.1R2-S3, update to 18.1R2-S3 or later.
For Junos OS versions 18.2 prior to 18.2R1-S2, update to 18.2R1-S2 or later.
For Junos OS versions 18.2X75 prior to 18.2X75-D20, update to 18.2X75-D20 or later.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

CVE-2018-0055

Affected Products

Junos