CVE-2019-0001

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 16.1R7-S1 Juniper Networks Junos OS versions prior to 16.2R2-S7 Juniper Networks Junos OS versions prior to 17.1R2-S10 Juniper Networks Junos OS versions prior to 17.1R3 Juniper Networks Junos OS versions prior to 17.2R3 Juniper Networks Junos OS versions prior to 17.3R3-S1 Juniper Networks Junos OS versions prior to 17.4R2 Juniper Networks Junos OS versions prior to 18.1R3 Juniper Networks Junos OS versions prior to 18.2R2

Description: The issue is related to the receipt of a malformed packet on MX Series devices with dynamic vlan configuration, which can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd). This can lead to high CPU usage and a crash of the bbe-smgd service, resulting in a denial of service condition for the device. Repeated receipt of the same packet can cause an extended denial of service condition.

Recommendations: For versions prior to 16.1R7-S1, update to 16.1R7-S1 or later. For versions prior to 16.2R2-S7, update to 16.2R2-S7 or later. For versions prior to 17.1R2-S10, update to 17.1R2-S10 or later. For versions prior to 17.1R3, update to 17.1R3 or later. For versions prior to 17.2R3, update to 17.2R3 or later. For versions prior to 17.3R3-S1, update to 17.3R3-S1 or later. For versions prior to 17.4R2, update to 17.4R2 or later. For versions prior to 18.1R3, update to 18.1R3 or later. For versions prior to 18.2R2, update to 18.2R2 or later.