Junos OS: RPD crash upon receipt of malformed PIM packet
Description
The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D77; 15.1 versions prior to 15.1F6-S10, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R7; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R2-S3, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2.
Affected products
212.1X46 <12.1X46-D77, 12.3X48 <12.3X48-D77, 15.1 <15.1F6-S10,15.1R6-S6,15.1R7, 15.1X49 <15.1X49-D150, 15.1X53 <15.1X53-D233,15.1X53-D59, 16.1 <16.1R3-S8,16.1R4-S8,16.1R7, 16.2 <16.2R2-S6, 17.1 <17.1R2-S6,17.1R3, 17.2 <17.2R2-S3,17.2R3, 17.3 <17.3R2-S4,17.3R3, 17.4 <17.4R2+ 1 more
- (no CPE)range: 12.1X46 <12.1X46-D77, 12.3X48 <12.3X48-D77, 15.1 <15.1F6-S10,15.1R6-S6,15.1R7, 15.1X49 <15.1X49-D150, 15.1X53 <15.1X53-D233,15.1X53-D59, 16.1 <16.1R3-S8,16.1R4-S8,16.1R7, 16.2 <16.2R2-S6, 17.1 <17.1R2-S6,17.1R3, 17.2 <17.2R2-S3,17.2R3, 17.3 <17.3R2-S4,17.3R3, 17.4 <17.4R2
- (no CPE)range: 12.1X46
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/106519mitrevdb-entryx_refsource_BID
- kb.juniper.net/JSA10913mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.