CVE-2018-0020

Summary

Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of a repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does not propagate to other BGP peers. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D130 on SRX; 15.1X53 versions prior to 15.1X53-D66 on QFX10K; 15.1X53 versions prior to 15.1X53-D58 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471 on NFX; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D47; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R2-S3, 17.1R3; 17.2 versions prior to 17.2R1-S3, 17.2R2-S1, 17.2R3; 17.2X75 versions prior to 17.2X75-D70; 13.2 versions above and including 13.2R1. Versions prior to 13.2R1 are not affected. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS14.1X53 < 14.1X53-D47affected
Juniper NetworksJunos OS15.1 < 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7affected
Juniper NetworksJunos OS16.1 < 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7affected
Juniper NetworksJunos OS16.1X65 < 16.1X65-D47affected
Juniper NetworksJunos OS16.2 < 16.2R1-S6, 16.2R2-S5, 16.2R3affected
Juniper NetworksJunos OS17.1 < 17.1R2-S3, 17.1R3affected
Juniper NetworksJunos OS17.2 < 17.2R1-S3, 17.2R2-S1, 17.2R3affected
Juniper NetworksJunos OS17.2X75 < 17.2X75-D70affected
Juniper NetworksJunos OSall < 13.2R1unaffected
Juniper NetworksJunos OS13.2R1 < 13.2*affected
Juniper NetworksJunos OS15.1X49 < 15.1X49-D130affected
Juniper NetworksJunos OS15.1X53 < 15.1X53-D66affected
Juniper NetworksJunos OS15.1X53 < 15.1X53-D58affected
Juniper NetworksJunos OS15.1X53 < 15.1X53-D233affected
Juniper NetworksJunos OS15.1X53 < 15.1X53-D471affected

Weaknesses

  • denial of service

Workarounds

While there is no workaround, the risk associated with this issue can be mitigated by limiting BGP sessions only from trusted peers.

ADP Enrichment

CVE Program Container

Additional References

References