What is the severity of CVE-2018-0016?

CVE-2018-0016 has a critical severity rating as it can lead to kernel crashes or remote code execution.

How do I fix CVE-2018-0016?

To resolve CVE-2018-0016, it is recommended to update to the latest version of Junos OS that addresses this vulnerability.

Which versions of Junos OS are affected by CVE-2018-0016?

CVE-2018-0016 affects Junos OS versions 15.1 and specific revisions including 15.1-r1 through 15.1f6 and many series of 15.1x.

What types of devices are impacted by CVE-2018-0016?

CVE-2018-0016 impacts Juniper devices running affected versions of Junos OS that have 'clns-routing' or ES-IS enabled.

What can attackers achieve through CVE-2018-0016?

Attackers exploiting CVE-2018-0016 may achieve remote code execution or cause the device to crash, resulting in denial of service.

Vulnerability/
CVE-2018-0016

critical

9.8

11/4/2018

17/9/2024

CVE-2018-0016: Junos OS: Kernel crash upon receipt of crafted CLNP datagrams

First published: Wed Apr 11 2018(Updated: )

Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly configured. Devices with without CLNS enabled are not vulnerable to this issue. Devices with IS-IS configured on the interface are not vulnerable to this issue unless CLNS routing is also enabled. This issue only affects devices running Junos OS 15.1. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5; 15.1X49 versions prior to 15.1X49-D60; 15.1X53 versions prior to 15.1X53-D66, 15.1X53-D233, 15.1X53-D471. Earlier releases are unaffected by this vulnerability, and the issue has been resolved in Junos OS 16.1R1 and all subsequent releases.

Credit: sirt@juniper.net

Affected Software	Affected Version	How to fix
Juniper Junos	=15.1
Juniper Junos	=15.1-r1
Juniper Junos	=15.1-r2
Juniper Junos	=15.1-r3
Juniper Junos	=15.1-r4
Juniper Junos	=15.1f
Juniper Junos	=15.1f2
Juniper Junos	=15.1f3
Juniper Junos	=15.1f4
Juniper Junos	=15.1f5
Juniper Junos	=15.1f5-s1
Juniper Junos	=15.1f6-s1
Juniper Junos	=15.1f6-s2
Juniper Junos	=15.1x49
Juniper Junos	=15.1x49-d10
Juniper Junos	=15.1x49-d20
Juniper Junos	=15.1x49-d30
Juniper Junos	=15.1x49-d35
Juniper Junos	=15.1x49-d40
Juniper Junos	=15.1x49-d45
Juniper Junos	=15.1x49-d50
Juniper Junos	=15.1x49-d55
Juniper Junos	=15.1x53
Juniper Junos	=15.1x53-d10
Juniper Junos	=15.1x53-d20
Juniper Junos	=15.1x53-d21
Juniper Junos	=15.1x53-d30
Juniper Junos	=15.1x53-d32
Juniper Junos	=15.1x53-d33
Juniper Junos	=15.1x53-d34
Juniper Junos	=15.1x53-d50
Juniper Junos	=15.1x53-d51
Juniper Junos	=15.1x53-d52
Juniper Junos	=15.1x53-d55
Juniper Junos	=15.1x53-d57
Juniper Junos	=15.1x53-d58
Juniper Junos	=15.1x53-d60
Juniper Junos	=15.1x53-d61
Juniper Junos	=15.1x53-d62
Juniper Junos	=15.1x53-d63
Juniper Junos	=15.1x53-d64
Juniper Junos	=15.1x53-d65
Juniper Junos

Remedy

The following software releases have been updated to resolve this specific issue: 15.1F5-S3, 15.1F6-S8, 15.1F7, 15.1R5, 15.1X49-D60, 15.1X53-D66, 15.1X53-D233, 15.1X53-D471, 16.1R1, and all subsequent releases.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-0016?
CVE-2018-0016 has a critical severity rating as it can lead to kernel crashes or remote code execution.
How do I fix CVE-2018-0016?
To resolve CVE-2018-0016, it is recommended to update to the latest version of Junos OS that addresses this vulnerability.
Which versions of Junos OS are affected by CVE-2018-0016?
CVE-2018-0016 affects Junos OS versions 15.1 and specific revisions including 15.1-r1 through 15.1f6 and many series of 15.1x.
What types of devices are impacted by CVE-2018-0016?
CVE-2018-0016 impacts Juniper devices running affected versions of Junos OS that have 'clns-routing' or ES-IS enabled.
What can attackers achieve through CVE-2018-0016?
Attackers exploiting CVE-2018-0016 may achieve remote code execution or cause the device to crash, resulting in denial of service.

agent/type
agent/softwarecombine
agent/remedy
agent/severity
agent/references
agent/author
agent/title
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/juniper
canonical/juniper junos
version/juniper junos/15.1
version/juniper junos/15.1-r1
version/juniper junos/15.1-r2
version/juniper junos/15.1-r3
version/juniper junos/15.1-r4
version/juniper junos/15.1f
version/juniper junos/15.1f2
version/juniper junos/15.1f3
version/juniper junos/15.1f4
version/juniper junos/15.1f5
version/juniper junos/15.1f5-s1
version/juniper junos/15.1f6-s1
version/juniper junos/15.1f6-s2
version/juniper junos/15.1x49
version/juniper junos/15.1x49-d10
version/juniper junos/15.1x49-d20
version/juniper junos/15.1x49-d30
version/juniper junos/15.1x49-d35
version/juniper junos/15.1x49-d40
version/juniper junos/15.1x49-d45
version/juniper junos/15.1x49-d50
version/juniper junos/15.1x49-d55
version/juniper junos/15.1x53
version/juniper junos/15.1x53-d10
version/juniper junos/15.1x53-d20
version/juniper junos/15.1x53-d21
version/juniper junos/15.1x53-d30
version/juniper junos/15.1x53-d32
version/juniper junos/15.1x53-d33
version/juniper junos/15.1x53-d34
version/juniper junos/15.1x53-d50
version/juniper junos/15.1x53-d51
version/juniper junos/15.1x53-d52
version/juniper junos/15.1x53-d55
version/juniper junos/15.1x53-d57
version/juniper junos/15.1x53-d58
version/juniper junos/15.1x53-d60
version/juniper junos/15.1x53-d61
version/juniper junos/15.1x53-d62
version/juniper junos/15.1x53-d63
version/juniper junos/15.1x53-d64
version/juniper junos/15.1x53-d65