CVE-2020-1639

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 12.3R12-S15 Juniper Networks Junos OS 12.3X48 versions prior to 12.3X48-D95 on SRX Series Juniper Networks Junos OS 14.1X50 versions prior to 14.1X50-D145 Juniper Networks Junos OS 14.1X53 versions prior to 14.1X53-D47 Juniper Networks Junos OS 15.1 versions prior to 15.1R2 Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D170 on SRX Series Juniper Networks Junos OS 15.1X53 versions prior to 15.1X53-D67

Description: The issue is related to the improper handling of malformed Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packets. When an attacker sends a specific crafted packet, it may cause an overflow condition, allowing the attacker to cause a Denial of Service (DoS) condition by crashing the CFM daemon. Continued receipt of these packets may cause an extended Denial of Service condition.

Recommendations: For Juniper Networks Junos OS versions prior to 12.3R12-S15, update to version 12.3R12-S15 or later. For Juniper Networks Junos OS 12.3X48 versions prior to 12.3X48-D95 on SRX Series, update to version 12.3X48-D95 or later. For Juniper Networks Junos OS 14.1X50 versions prior to 14.1X50-D145, update to version 14.1X50-D145 or later. For Juniper Networks Junos OS 14.1X53 versions prior to 14.1X53-D47, update to version 14.1X53-D47 or later. For Juniper Networks Junos OS 15.1 versions prior to 15.1R2, update to version 15.1R2 or later. For Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D170 on SRX Series, update to version 15.1X49-D170 or later. For Juniper Networks Junos OS 15.1X53 versions prior to 15.1X53-D67, update to version 15.1X53-D67 or later.