PT-2019-3491 · Juniper Networks · Junos
Published 2019-10-09 · Updated 2021-10-28 · CVE-2019-0066
CVSS v2.0: 7.8 High
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS versions prior to 15.1F6-S12
Juniper Networks Junos OS versions prior to 15.1R7-S2
Juniper Networks Junos OS versions prior to 15.1X49-D150 on SRX Series
Juniper Networks Junos OS versions prior to 15.1X53-D68
Juniper Networks Junos OS versions prior to 15.1X53-D235
Juniper Networks Junos OS versions prior to 15.1X53-D495
Juniper Networks Junos OS versions prior to 15.1X53-D590
Juniper Networks Junos OS versions prior to 16.1R3-S10
Juniper Networks Junos OS versions prior to 16.1R4-S12
Juniper Networks Junos OS versions prior to 16.1R6-S6
Juniper Networks Junos OS versions prior to 16.1R7-S2
Juniper Networks Junos OS versions prior to 16.2R2-S7
Juniper Networks Junos OS versions prior to 17.1R2-S9
Juniper Networks Junos OS versions prior to 17.1R3
Juniper Networks Junos OS versions prior to 17.2R1-S7
Juniper Networks Junos OS versions prior to 17.2R2-S6
Juniper Networks Junos OS versions prior to 17.2R3
Juniper Networks Junos OS versions prior to 17.3R2-S4
Juniper Networks Junos OS versions prior to 17.3R3
Description
The issue is an unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS. It allows an attacker to crash the routing protocol daemon (rpd) process and cause a Denial of Service (DoS) condition when a specific malformed IPv4 packet is received by a device running BGP. The malformed packet can be crafted and sent to a victim device, including when it is forwarded directly through a device that received such a malformed packet. Continued receipt of the malformed packet results in a sustained Denial of Service condition.
Recommendations
For Juniper Networks Junos OS versions prior to 15.1F6-S12, update to version 15.1F6-S12 or later.
For Juniper Networks Junos OS versions prior to 15.1R7-S2, update to version 15.1R7-S2 or later.
For Juniper Networks Junos OS versions prior to 15.1X49-D150 on SRX Series, update to version 15.1X49-D150 or later.
For Juniper Networks Junos OS versions prior to 15.1X53-D68, update to version 15.1X53-D68 or later.
For Juniper Networks Junos OS versions prior to 15.1X53-D235, update to version 15.1X53-D235 or later.
For Juniper Networks Junos OS versions prior to 15.1X53-D495, update to version 15.1X53-D495 or later.
For Juniper Networks Junos OS versions prior to 15.1X53-D590, update to version 15.1X53-D590 or later.
For Juniper Networks Junos OS versions prior to 16.1R3-S10, update to version 16.1R3-S10 or later.
For Juniper Networks Junos OS versions prior to 16.1R4-S12, update to version 16.1R4-S12 or later.
For Juniper Networks Junos OS versions prior to 16.1R6-S6, update to version 16.1R6-S6 or later.
For Juniper Networks Junos OS versions prior to 16.1R7-S2, update to version 16.1R7-S2 or later.
For Juniper Networks Junos OS versions prior to 16.2R2-S7, update to version 16.2R2-S7 or later.
For Juniper Networks Junos OS versions prior to 17.1R2-S9, update to version 17.1R2-S9 or later.
For Juniper Networks Junos OS versions prior to 17.1R3, update to version 17.1R3 or later.
For Juniper Networks Junos OS versions prior to 17.2R1-S7, update to version 17.2R1-S7 or later.
For Juniper Networks Junos OS versions prior to 17.2R2-S6, update to version 17.2R2-S6 or later.
For Juniper Networks Junos OS versions prior to 17.2R3, update to version 17.2R3 or later.
For Juniper Networks Junos OS versions prior to 17.3R2-S4, update to version 17.3R2-S4 or later.
For Juniper Networks Junos OS versions prior to 17.3R3, update to version 17.3R3 or later.
Fix
DoS
Unchecked Return Value
Affected Products
Junos