VYPR
Unrated severityNVD Advisory· Published Jan 15, 2019· Updated Sep 16, 2024

Junos OS: RPD crash upon receipt of malformed PIM packet

CVE-2019-0013

Description

The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D77; 15.1 versions prior to 15.1F6-S10, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R7; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R2-S3, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    12.1X46 <12.1X46-D77, 12.3X48 <12.3X48-D77, 15.1 <15.1F6-S10,15.1R6-S6,15.1R7, 15.1X49 <15.1X49-D150, 15.1X53 <15.1X53-D233,15.1X53-D59, 16.1 <16.1R3-S8,16.1R4-S8,16.1R7, 16.2 <16.2R2-S6, 17.1 <17.1R2-S6,17.1R3, 17.2 <17.2R2-S3,17.2R3, 17.3 <17.3R2-S4,17.3R3, 17.4 <17.4R2+ 1 more
    • (no CPE)range: 12.1X46 <12.1X46-D77, 12.3X48 <12.3X48-D77, 15.1 <15.1F6-S10,15.1R6-S6,15.1R7, 15.1X49 <15.1X49-D150, 15.1X53 <15.1X53-D233,15.1X53-D59, 16.1 <16.1R3-S8,16.1R4-S8,16.1R7, 16.2 <16.2R2-S6, 17.1 <17.1R2-S6,17.1R3, 17.2 <17.2R2-S3,17.2R3, 17.3 <17.3R2-S4,17.3R3, 17.4 <17.4R2
    • (no CPE)range: 12.1X46

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.