CVE-2020-1638

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.2R1-S4, 19.2R2, 19.3R2-S2, 19.3R3, 19.4R1-S1, 19.4R2 Junos OS Evolved versions prior to 19.4R2-EVO

Description: The issue exists due to insufficient input validation in the FPC module of Junos OS and Junos OS Evolved. An attacker can cause a Denial of Service (DoS) condition by continuously sending a specific IPv4 packet, which can restart the FPC and drop all traffic via the FPC. This issue can only occur when processing a specific IPv4 packet and does not affect IPv6 packets.

Recommendations: For Junos OS versions prior to 19.2R1-S4, 19.2R2, update to version 19.2R1-S4 or later. For Junos OS versions prior to 19.3R2-S2, 19.3R3, update to version 19.3R2-S2 or later. For Junos OS versions prior to 19.4R1-S1, 19.4R2, update to version 19.4R1-S1 or later. For Junos OS Evolved versions prior to 19.4R2-EVO, update to version 19.4R2-EVO or later. As a temporary workaround, consider restricting access to the FPC module to minimize the risk of exploitation.