CVE-2018-0016
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly configured. Devices with without CLNS enabled are not vulnerable to this issue. Devices with IS-IS configured on the interface are not vulnerable to this issue unless CLNS routing is also enabled. This issue only affects devices running Junos OS 15.1. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 versions prior to 15.1X49-D60; 15.1X53 versions prior to 15.1X53-D66, 15.1X53-D233, 15.1X53-D471. Earlier releases are unaffected by this vulnerability, and the issue has been resolved in Junos OS 16.1R1 and all subsequent releases.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 15.1 < 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5 | affected |
| Juniper Networks | Junos OS | 15.1X49 < 15.1X49-D60 | affected |
| Juniper Networks | Junos OS | 15.1X53 < 15.1X53-D66, 15.1X53-D233, 15.1X53-D471 | affected |
Weaknesses
- Denial of Service
Workarounds
Use access lists or firewall filters to limit access to the device via CLNP only from trusted hosts.
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/103747
- http://www.securitytracker.com/id/1040784
- https://kb.juniper.net/JSA10844
References
- http://www.securityfocus.com/bid/103747
- http://www.securitytracker.com/id/1040784
- https://kb.juniper.net/JSA10844
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.