CVE-2020-1632

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 16.1R7-S6 Junos OS versions prior to 16.2R2-S11 Junos OS versions prior to 17.1R2-S11 Junos OS versions prior to 17.1R3-S2 Junos OS versions prior to 17.2R1-S9 Junos OS versions prior to 17.2R2-S8 Junos OS versions prior to 17.2R3-S3 Junos OS versions prior to 17.2X75-D105 Junos OS versions prior to 17.2X75-D110 Junos OS versions prior to 17.2X75-D44 Junos OS versions prior to 17.3R2-S5 Junos OS versions prior to 17.3R3-S7 Junos OS versions prior to 17.4R2-S8 Junos OS versions prior to 17.4R3 Junos OS versions prior to 18.1R3-S8 Junos OS versions prior to 18.2R2-S6 Junos OS versions prior to 18.2R3-S2 Junos OS versions prior to 18.2X75-D12 Junos OS versions prior to 18.2X75-D33 Junos OS versions prior to 18.2X75-D411 Junos OS versions prior to 18.2X75-D420 Junos OS versions prior to 18.2X75-D51 Junos OS versions prior to 18.2X75-D60 Junos OS versions prior to 18.3R1-S6 Junos OS versions prior to 18.3R2-S3 Junos OS versions prior to 18.3R3 Junos OS versions prior to 18.4R1-S5 Junos OS versions prior to 18.4R3 Junos OS version 18.4R2 Junos OS versions prior to 19.1R1-S3 Junos OS versions prior to 19.1R2 Junos OS versions prior to 19.2R1-S2 Junos OS versions prior to 19.2R2 Junos OS Evolved versions prior to 19.2R2-EVO

Description: The issue is related to the handling of exceptional states in the Junos OS, which can be exploited by a remote attacker using a specially crafted BGP UPDATE message, potentially causing a Denial of Service (DoS) condition. This can occur when there is at least one BGP session established on the device that does not support the 4 Byte AS extension (RFC 4893). Repeated receipt of the same BGP UPDATE can result in an extended DoS condition.

Recommendations: For Junos OS versions prior to 16.1R7-S6, update to version 16.1R7-S6 or later. For Junos OS versions prior to 16.2R2-S11, update to version 16.2R2-S11 or later. For Junos OS versions prior to 17.1R2-S11, update to version 17.1R2-S11 or later. For Junos OS versions prior to 17.1R3-S2, update to version 17.1R3-S2 or later. For Junos OS versions prior to 17.2R1-S9, update to version 17.2R1-S9 or later. For Junos OS versions prior to 17.2R2-S8, update to version 17.2R2-S8 or later. For Junos OS versions prior to 17.2R3-S3, update to version 17.2R3-S3 or later. For Junos OS versions prior to 17.2X75-D105, update to version 17.2X75-D105 or later. For Junos OS versions prior to 17.2X75-D110, update to version 17.2X75-D110 or later. For Junos OS versions prior to 17.2X75-D44, update to version 17.2X75-D44 or later. For Junos OS versions prior to 17.3R2-S5, update to version 17.3R2-S5 or later. For Junos OS versions prior to 17.3R3-S7, update to version 17.3R3-S7 or later. For Junos OS versions prior to 17.4R2-S8, update to version 17.4R2-S8 or later. For Junos OS versions prior to 17.4R3, update to version 17.4R3 or later. For Junos OS versions prior to 18.1R3-S8, update to version 18.1R3-S8 or later. For Junos OS versions prior to 18.2R2-S6, update to version 18.2R2-S6 or later. For Junos OS versions prior to 18.2R3-S2, update to version 18.2R3-S2 or later. For Junos OS versions prior to 18.2X75-D12, update to version 18.2X75-D12 or later. For Junos OS versions prior to 18.2X75-D33, update to version 18.2X75-D33 or later. For Junos OS versions prior to 18.2X75-D411, update to version 18.2X75-D411 or later. For Junos OS versions prior to 18.2X75-D420, update to version 18.2X75-D420 or later. For Junos OS versions prior to 18.2X75-D51, update to version 18.2X75-D51 or later. For Junos OS versions prior to 18.2X75-D60, update to version 18.2X75-D60 or later. For Junos OS versions prior to 18.3R1-S6, update to version 18.3R1-S6 or later. For Junos OS versions prior to 18.3R2-S3, update to version 18.3R2-S3 or later. For Junos OS versions prior to 18.3R3, update to version 18.3R3 or later. For Junos OS versions prior to 18.4R1-S5, update to version 18.4R1-S5 or later. For Junos OS versions prior to 18.4R3, update to version 18.4R3 or later. For Junos OS version 18.4R2, update to a later version. For Junos OS versions prior to 19.1R1-S3, update to version 19.1R1-S3 or later. For Junos OS versions prior to 19.1R2, update to version 19.1R2 or later. For Junos OS versions prior to 19.2R1-S2, update to version 19.2R1-S2 or later. For Junos OS versions prior to 19.2R2, update to version 19.2R2 or later. For Junos OS Evolved versions prior to 19.2R2-EVO, update to version 19.2R2-EVO or later.