PT-2019-3492 · Juniper Networks · Junos

Published: 2019-10-09 · Updated: 2021-02-05 · CVE-2019-0068

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Junos OS versions prior to 12.3X48-D90
Junos OS versions prior to 15.1X49-D180
Junos OS version 17.3
Junos OS versions prior to 17.4R2-S5
Junos OS versions prior to 17.4R3
Junos OS versions prior to 18.1R3-S6
Junos OS versions prior to 18.2R2-S4
Junos OS versions prior to 18.2R3
Junos OS versions prior to 18.3R2-S1
Junos OS versions prior to 18.3R3
Junos OS versions prior to 18.4R2
Junos OS versions prior to 19.1R1-S1
Junos OS versions prior to 19.1R2

Description

The issue affects the SRX flowd process, which is responsible for packet forwarding. It may crash and restart when processing specific multicast packets. An attacker can cause a sustained Denial of Service by continuously sending these packets. The vulnerability exists due to insufficient input validation, allowing a remote attacker to cause a denial of service by sending specially crafted multicast packets.

Recommendations

For versions prior to 12.3X48-D90, update to 12.3X48-D90 or later.
For versions prior to 15.1X49-D180, update to 15.1X49-D180 or later.
For version 17.3, update to a later version.
For versions prior to 17.4R2-S5, update to 17.4R2-S5 or later.
For versions prior to 17.4R3, update to 17.4R3 or later.
For versions prior to 18.1R3-S6, update to 18.1R3-S6 or later.
For versions prior to 18.2R2-S4, update to 18.2R2-S4 or later.
For versions prior to 18.2R3, update to 18.2R3 or later.
For versions prior to 18.3R2-S1, update to 18.3R2-S1 or later.
For versions prior to 18.3R3, update to 18.3R3 or later.
For versions prior to 18.4R2, update to 18.4R2 or later.
For versions prior to 19.1R1-S1, update to 19.1R1-S1 or later.
For versions prior to 19.1R2, update to 19.1R2 or later.

Fix

DoS

Improper Check for Exceptional Conditions

RCE


Weakness Enumeration

Related Identifiers

BDU:2019-03667
CVE-2019-0068

Affected Products

Junos