CVE-2019-0013: Junos OS: RPD crash upon receipt of malformed PIM packet
First published: Tue Jan 15 2019(Updated: )
The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service (DoS) condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77; 12.3X48 versions prior to 12.3X48-D77; 15.1 versions prior to 15.1F6-S10, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D150; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D59; 16.1 versions prior to 16.1R3-S8, 16.1R4-S8, 16.1R7; 16.2 versions prior to 16.2R2-S6; 17.1 versions prior to 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R2-S3, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3; 17.4 versions prior to 17.4R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Junos | =12.1x46 | |
| Juniper Junos | =12.1x46-d10 | |
| Juniper Junos | =12.1x46-d15 | |
| Juniper Junos | =12.1x46-d20 | |
| Juniper Junos | =12.1x46-d25 | |
| Juniper Junos | =12.1x46-d30 | |
| Juniper Junos | =12.1x46-d35 | |
| Juniper Junos | =12.1x46-d40 | |
| Juniper Junos | =12.1x46-d45 | |
| Juniper Junos | =12.1x46-d50 | |
| Juniper Junos | =12.1x46-d55 | |
| Juniper Junos | =12.1x46-d60 | |
| Juniper Junos | =12.1x46-d65 | |
| Juniper Junos | =12.1x46-d66 | |
| Juniper Junos | =12.1x46-d67 | |
| Juniper Junos | =12.1x46-d71 | |
| Juniper Junos | =12.1x46-d76 | |
| Juniper Junos | =12.3x48 | |
| Juniper Junos | =12.3x48-d10 | |
| Juniper Junos | =12.3x48-d15 | |
| Juniper Junos | =12.3x48-d25 | |
| Juniper Junos | =12.3x48-d30 | |
| Juniper Junos | =12.3x48-d35 | |
| Juniper Junos | =12.3x48-d40 | |
| Juniper Junos | =12.3x48-d45 | |
| Juniper Junos | =12.3x48-d50 | |
| Juniper Junos | =12.3x48-d51 | |
| Juniper Junos | =12.3x48-d55 | |
| Juniper Junos | =12.3x48-d60 | |
| Juniper Junos | =12.3x48-d66 | |
| Juniper Junos | =12.3x48-d70 | |
| Juniper Junos | =12.3x48-d75 | |
| Juniper Junos | =15.1 | |
| Juniper Junos | =15.1-f6 | |
| Juniper Junos | =15.1-r1 | |
| Juniper Junos | =15.1-r2 | |
| Juniper Junos | =15.1-r3 | |
| Juniper Junos | =15.1-r4 | |
| Juniper Junos | =15.1-r5 | |
| Juniper Junos | =15.1-r6 | |
| Juniper Junos | =15.1x49-d10 | |
| Juniper Junos | =15.1x49-d100 | |
| Juniper Junos | =15.1x49-d110 | |
| Juniper Junos | =15.1x49-d120 | |
| Juniper Junos | =15.1x49-d130 | |
| Juniper Junos | =15.1x49-d140 | |
| Juniper Junos | =15.1x49-d20 | |
| Juniper Junos | =15.1x49-d30 | |
| Juniper Junos | =15.1x49-d35 | |
| Juniper Junos | =15.1x49-d40 | |
| Juniper Junos | =15.1x49-d45 | |
| Juniper Junos | =15.1x49-d50 | |
| Juniper Junos | =15.1x49-d55 | |
| Juniper Junos | =15.1x49-d60 | |
| Juniper Junos | =15.1x49-d65 | |
| Juniper Junos | =15.1x49-d70 | |
| Juniper Junos | =15.1x49-d75 | |
| Juniper Junos | =15.1x49-d80 | |
| Juniper Junos | =15.1x49-d90 | |
| Juniper Junos | =15.1x53-d20 | |
| Juniper Junos | =15.1x53-d21 | |
| Juniper Junos | =15.1x53-d210 | |
| Juniper Junos | =15.1x53-d230 | |
| Juniper Junos | =15.1x53-d231 | |
| Juniper Junos | =15.1x53-d232 | |
| Juniper Junos | =15.1x53-d25 | |
| Juniper Junos | =15.1x53-d30 | |
| Juniper Junos | =15.1x53-d32 | |
| Juniper Junos | =15.1x53-d33 | |
| Juniper Junos | =15.1x53-d34 | |
| Juniper Junos | =15.1x53-d40 | |
| Juniper Junos | =15.1x53-d45 | |
| Juniper Junos | =15.1x53-d56 | |
| Juniper Junos | =15.1x53-d60 | |
| Juniper Junos | =15.1x53-d61 | |
| Juniper Junos | =15.1x53-d62 | |
| Juniper Junos | =15.1x53-d63 | |
| Juniper Junos | =15.1x53-d64 | |
| Juniper Junos | =15.1x53-d65 | |
| Juniper Junos | =15.1x53-d66 | |
| Juniper Junos | =15.1x53-d70 | |
| Juniper Junos | =16.1-r1 | |
| Juniper Junos | =16.1-r2 | |
| Juniper Junos | =16.1-r3 | |
| Juniper Junos | =16.1-r3-s10 | |
| Juniper Junos | =16.1-r4 | |
| Juniper Junos | =16.1-r5 | |
| Juniper Junos | =16.1-r5-s4 | |
| Juniper Junos | =16.1-r6 | |
| Juniper Junos | =16.1-r6-s1 | |
| Juniper Junos | =16.2-r1 | |
| Juniper Junos | =16.2-r2 | |
| Juniper Junos | =16.2-r2-s5 | |
| Juniper Junos | =17.1-r1 | |
| Juniper Junos | =17.1-r2 | |
| Juniper Junos | =17.2-r1 | |
| Juniper Junos | =17.2-r1-s7 | |
| Juniper Junos | =17.2-r2 | |
| Juniper Junos | =17.3-r1 | |
| Juniper Junos | =17.3-r2 | |
| Juniper Junos | =17.3-r3 | |
| Juniper Junos | =17.4-r1 | |
| Juniper Junos | =17.4-r2-s2 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS 12.1X46-D77, 12.3X48-D77, 15.1F6-S10, 15.1R6-S6, 15.1R7, 15.1X49-D150, 15.1X53-D233, 15.1X53-D59, 16.1R3-S8, 16.1R4-S8, 16.1R7, 16.2R2-S6, 17.1R2-S6, 17.1R3, 17.2R2-S3, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R2, 18.1R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-0013?
CVE-2019-0013 has been classified as a vulnerability that could lead to a Denial of Service (DoS) condition.
How do I fix CVE-2019-0013?
To mitigate CVE-2019-0013, upgrade to a patched version of Junos as specified in the vendor's security advisories.
What software versions are affected by CVE-2019-0013?
CVE-2019-0013 affects multiple versions of Juniper's Junos, particularly those in the 12.1x46 and 12.3x48 series, along with certain 15.x and 16.x versions.
What kind of attack can exploit CVE-2019-0013?
CVE-2019-0013 can be exploited by sending a specific invalid IPv4 PIM Join packet that triggers the RPD process to crash.
Is IPv6 vulnerable to CVE-2019-0013?
No, CVE-2019-0013 exclusively affects IPv4 PIM and does not impact IPv6 PIM.
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- agent/weakness
- agent/severity
- agent/title
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/12.1x46
- version/juniper junos/12.1x46-d10
- version/juniper junos/12.1x46-d15
- version/juniper junos/12.1x46-d20
- version/juniper junos/12.1x46-d25
- version/juniper junos/12.1x46-d30
- version/juniper junos/12.1x46-d35
- version/juniper junos/12.1x46-d40
- version/juniper junos/12.1x46-d45
- version/juniper junos/12.1x46-d50
- version/juniper junos/12.1x46-d55
- version/juniper junos/12.1x46-d60
- version/juniper junos/12.1x46-d65
- version/juniper junos/12.1x46-d66
- version/juniper junos/12.1x46-d67
- version/juniper junos/12.1x46-d71
- version/juniper junos/12.1x46-d76
- version/juniper junos/12.3x48
- version/juniper junos/12.3x48-d10
- version/juniper junos/12.3x48-d15
- version/juniper junos/12.3x48-d25
- version/juniper junos/12.3x48-d30
- version/juniper junos/12.3x48-d35
- version/juniper junos/12.3x48-d40
- version/juniper junos/12.3x48-d45
- version/juniper junos/12.3x48-d50
- version/juniper junos/12.3x48-d51
- version/juniper junos/12.3x48-d55
- version/juniper junos/12.3x48-d60
- version/juniper junos/12.3x48-d66
- version/juniper junos/12.3x48-d70
- version/juniper junos/12.3x48-d75
- version/juniper junos/15.1
- version/juniper junos/15.1-f6
- version/juniper junos/15.1-r1
- version/juniper junos/15.1-r2
- version/juniper junos/15.1-r3
- version/juniper junos/15.1-r4
- version/juniper junos/15.1-r5
- version/juniper junos/15.1-r6
- version/juniper junos/15.1x49-d10
- version/juniper junos/15.1x49-d100
- version/juniper junos/15.1x49-d110
- version/juniper junos/15.1x49-d120
- version/juniper junos/15.1x49-d130
- version/juniper junos/15.1x49-d140
- version/juniper junos/15.1x49-d20
- version/juniper junos/15.1x49-d30
- version/juniper junos/15.1x49-d35
- version/juniper junos/15.1x49-d40
- version/juniper junos/15.1x49-d45
- version/juniper junos/15.1x49-d50
- version/juniper junos/15.1x49-d55
- version/juniper junos/15.1x49-d60
- version/juniper junos/15.1x49-d65
- version/juniper junos/15.1x49-d70
- version/juniper junos/15.1x49-d75
- version/juniper junos/15.1x49-d80
- version/juniper junos/15.1x49-d90
- version/juniper junos/15.1x53-d20
- version/juniper junos/15.1x53-d21
- version/juniper junos/15.1x53-d210
- version/juniper junos/15.1x53-d230
- version/juniper junos/15.1x53-d231
- version/juniper junos/15.1x53-d232
- version/juniper junos/15.1x53-d25
- version/juniper junos/15.1x53-d30
- version/juniper junos/15.1x53-d32
- version/juniper junos/15.1x53-d33
- version/juniper junos/15.1x53-d34
- version/juniper junos/15.1x53-d40
- version/juniper junos/15.1x53-d45
- version/juniper junos/15.1x53-d56
- version/juniper junos/15.1x53-d60
- version/juniper junos/15.1x53-d61
- version/juniper junos/15.1x53-d62
- version/juniper junos/15.1x53-d63
- version/juniper junos/15.1x53-d64
- version/juniper junos/15.1x53-d65
- version/juniper junos/15.1x53-d66
- version/juniper junos/15.1x53-d70
- version/juniper junos/16.1-r1
- version/juniper junos/16.1-r2
- version/juniper junos/16.1-r3
- version/juniper junos/16.1-r3-s10
- version/juniper junos/16.1-r4
- version/juniper junos/16.1-r5
- version/juniper junos/16.1-r5-s4
- version/juniper junos/16.1-r6
- version/juniper junos/16.1-r6-s1
- version/juniper junos/16.2-r1
- version/juniper junos/16.2-r2
- version/juniper junos/16.2-r2-s5
- version/juniper junos/17.1-r1
- version/juniper junos/17.1-r2
- version/juniper junos/17.2-r1
- version/juniper junos/17.2-r1-s7
- version/juniper junos/17.2-r2
- version/juniper junos/17.3-r1
- version/juniper junos/17.3-r2
- version/juniper junos/17.3-r3
- version/juniper junos/17.4-r1
- version/juniper junos/17.4-r2-s2