high
7.5
CWE
400
Advisory Published
Updated

CVE-2017-2348: Junos OS: jdhcpd daemon crash due to invalid IPv6 UDP packets

First published: Fri Jul 14 2017(Updated: )

The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. Both high CPU utilization and repeated crashes of the jdhcpd daemon can result in a denial of service as DHCP service is interrupted. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 14.1X53 prior to 14.1X53-D12, 14.1X53-D38, 14.1X53-D40 on QFX, EX, QFabric System; 15.1 prior to 15.1F2-S18, 15.1R4 on all products and platforms; 15.1X49 prior to 15.1X49-D80 on SRX; 15.1X53 prior to 15.1X53-D51, 15.1X53-D60 on NFX, QFX, EX.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Juniper Junos=14.1x53
Juniper Junos=14.1x53-d10
Juniper Junos=14.1x53-d38
Juniper Junos=14.1x53-d40
Juniper Junos=15.1
Juniper Junos=15.1-f1
Juniper Junos=15.1-f2
Juniper Junos=15.1-f2-s1
Juniper Junos=15.1-f2-s2
Juniper Junos=15.1-f2-s3
Juniper Junos=15.1-f2-s4
Juniper Junos=15.1-r4
Juniper Junos=15.1x49
Juniper Junos=15.1x49-d10
Juniper Junos=15.1x49-d20
Juniper Junos=15.1x49-d30
Juniper Junos=15.1x49-d35
Juniper Junos=15.1x49-d40
Juniper Junos=15.1x49-d45
Juniper Junos=15.1x49-d50
Juniper Junos=15.1x49-d55
Juniper Junos=15.1x49-d60
Juniper Junos=15.1x49-d65
Juniper Junos=15.1x49-d70
Juniper Junos=15.1x49-d75
Juniper Junos=15.1x53
Juniper Junos=15.1x53-d10
Juniper Junos=15.1x53-d20
Juniper Junos=15.1x53-d21
Juniper Junos=15.1x53-d25
Juniper Junos=15.1x53-d30
Juniper Junos=15.1x53-d32
Juniper Junos=15.1x53-d33
Juniper Junos=15.1x53-d34
Juniper Junos=15.1x53-d47
Juniper Junos=15.1x53-d48
Juniper Junos=15.1x53-d60

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2017-2348?

    CVE-2017-2348 has a medium severity level and can lead to denial of service due to high CPU utilization and crashes.

  • How do I fix CVE-2017-2348?

    To fix CVE-2017-2348, you should upgrade to the latest version of Juniper JUNOS that addresses this vulnerability.

  • What software is affected by CVE-2017-2348?

    CVE-2017-2348 affects multiple versions of Juniper JUNOS including 14.1x53 and 15.1.

  • What type of attack does CVE-2017-2348 enable?

    CVE-2017-2348 enables a denial of service attack that targets the jdhcpd daemon by exploiting malformed IPv6 UDP packets.

  • Can CVE-2017-2348 impact network availability?

    Yes, CVE-2017-2348 can significantly impact network availability by causing interruptions to DHCP service.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203