CVE-2019-0014

Name of the Vulnerable Software and Affected Versions: Junos versions prior to 17.2X75-D91 Junos versions prior to 17.2X75-D100 Junos versions prior to 17.4R2-S1 Junos versions prior to 17.4R3 Junos versions prior to 18.1R3-S1 Junos versions prior to 18.2R1-S3 Junos versions prior to 18.2R2

Description: The issue is related to insufficient input validation in the Junos operating system. It can be exploited by a remote attacker to cause a denial of service by crashing the FPC process. This can be achieved by sending a malformed packet for J-Flow sampling, which can cause all interfaces to go down. The issue affects both IPv4 and IPv6 packet processing.

Recommendations: For versions prior to 17.2X75-D91, update to version 17.2X75-D91 or later. For versions prior to 17.2X75-D100, update to version 17.2X75-D100 or later. For versions prior to 17.4R2-S1, update to version 17.4R2-S1 or later. For versions prior to 17.4R3, update to version 17.4R3 or later. For versions prior to 18.1R3-S1, update to version 18.1R3-S1 or later. For versions prior to 18.2R1-S3, update to version 18.2R1-S3 or later. For versions prior to 18.2R2, update to version 18.2R2 or later.