CVE-2020-1655

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 17.2R3-S4 Junos OS versions prior to 17.3R3-S8 Junos OS versions prior to 17.4R2-S10 Junos OS versions prior to 17.4R3-S2 Junos OS versions prior to 18.1R3-S10 Junos OS versions prior to 18.2R3-S3 Junos OS versions prior to 18.2X75-D41 Junos OS versions prior to 18.2X75-D430 Junos OS versions prior to 18.2X75-D65 Junos OS versions prior to 18.3R1-S7 Junos OS versions prior to 18.3R2-S4 Junos OS versions prior to 18.3R3-S1 Junos OS versions prior to 18.4R1-S7 Junos OS versions prior to 18.4R2-S4 Junos OS versions prior to 18.4R3 Junos OS versions prior to 19.1R1-S5 Junos OS versions prior to 19.1R2-S1 Junos OS versions prior to 19.1R3 Junos OS versions prior to 19.2R1-S4 Junos OS versions prior to 19.2R2 Junos OS versions prior to 19.3R2-S2 Junos OS versions prior to 19.3R3

Description: The issue is related to the Packet Forwarding Engine (PFE) in Junos OS and is caused by uncontrolled resource consumption. An attacker can exploit this issue by sending large packets that require fragmentation, which can cause the PFE to become disabled and result in a Denial of Service (DoS). The issue affects Junos OS versions 17.2 and later, specifically when inline IP reassembly is configured.

Recommendations: For Junos OS versions prior to 17.2R3-S4, update to 17.2R3-S4 or later. For Junos OS versions prior to 17.3R3-S8, update to 17.3R3-S8 or later. For Junos OS versions prior to 17.4R2-S10, update to 17.4R2-S10 or later. For Junos OS versions prior to 17.4R3-S2, update to 17.4R3-S2 or later. For Junos OS versions prior to 18.1R3-S10, update to 18.1R3-S10 or later. For Junos OS versions prior to 18.2R3-S3, update to 18.2R3-S3 or later. For Junos OS versions prior to 18.2X75-D41, update to 18.2X75-D41 or later. For Junos OS versions prior to 18.2X75-D430, update to 18.2X75-D430 or later. For Junos OS versions prior to 18.2X75-D65, update to 18.2X75-D65 or later. For Junos OS versions prior to 18.3R1-S7, update to 18.3R1-S7 or later. For Junos OS versions prior to 18.3R2-S4, update to 18.3R2-S4 or later. For Junos OS versions prior to 18.3R3-S1, update to 18.3R3-S1 or later. For Junos OS versions prior to 18.4R1-S7, update to 18.4R1-S7 or later. For Junos OS versions prior to 18.4R2-S4, update to 18.4R2-S4 or later. For Junos OS versions prior to 18.4R3, update to 18.4R3 or later. For Junos OS versions prior to 19.1R1-S5, update to 19.1R1-S5 or later. For Junos OS versions prior to 19.1R2-S1, update to 19.1R2-S1 or later. For Junos OS versions prior to 19.1R3, update to 19.1R3 or later. For Junos OS versions prior to 19.2R1-S4, update to 19.2R1-S4 or later. For Junos OS versions prior to 19.2R2, update to 19.2R2 or later. For Junos OS versions prior to 19.3R2-S2, update to 19.3R2-S2 or later. For Junos OS versions prior to 19.3R3, update to 19.3R3 or later.