PT-2019-1973 · Juniper Networks · Junos
Published: 2019-04-10 · Updated: 2021-10-28 · CVE-2019-0044
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Junos OS versions prior to 12.1X46-D82
Junos OS versions prior to 12.3X48-D80
Junos OS versions prior to 15.1X49-D160
Description
The issue is caused by insufficient input validation in the implementation of the fxp0 interface. Exploitation may allow a remote attacker to cause a denial of service. Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart. By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repeatedly crash the rpd process, causing a prolonged denial of service.
Recommendations
For versions prior to 12.1X46-D82, update to version 12.1X46-D82 or later.
For versions prior to 12.3X48-D80, update to version 12.3X48-D80 or later.
For versions prior to 15.1X49-D160, update to version 15.1X49-D160 or later.
As a temporary workaround, consider restricting access to the fxp0 interface to minimize the risk of exploitation.
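To triage an inventory against the fixed builds listed above, the following added example (not part of the advisory or any Juniper tooling) parses Junos version strings and compares them numerically within each release train. It assumes versions in the form `12.3X48-D75.4`; hostnames and sample versions are constructed, and trains the advisory does not name are reported as `not-listed` rather than guessed.

```python
import re

# Fixed builds per release train, taken from the advisory's recommendations.
FIXED = {"12.1X46": (82, 0), "12.3X48": (80, 0), "15.1X49": (160, 0)}

# Assumed version format: <major>.<minor>X<train>-D<build>[.<spin>]
VERSION_RE = re.compile(r"^(\d+\.\d+X\d+)-D(\d+)(?:\.(\d+))?$")


def parse_junos(version):
    """Split a version string into (train, (build, spin)) with integer parts."""
    m = VERSION_RE.match(version.strip())
    if m is None:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3) or 0))


def classify(version):
    """Return 'affected', 'fixed' or 'not-listed' for one version string."""
    train, build = parse_junos(version)
    fixed = FIXED.get(train)
    if fixed is None:
        return "not-listed"  # train not named in the advisory; check manually
    # Compare as integers: as strings, "D160" would sort before "D80".
    return "affected" if build < fixed else "fixed"


def triage(inventory):
    """Map each hostname to a status; unparseable versions become 'unparsed'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = classify(version)
        except ValueError:
            result[host] = "unparsed"
    return result


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "fw-edge-1": "12.1X46-D81.5",
    "fw-edge-2": "12.3X48-D80",
    "fw-core-1": "15.1X49-D150.2",
    "fw-core-2": "15.1X49-D160.2",
    "rtr-lab-1": "18.4R1",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host:10} {SAMPLE[host]:16} {status}")
```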
Fix
DoS
RCE
Improper Resource Release
Affected Products
Junos