CVE-2019-0066: Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core
First published: Wed Oct 09 2019(Updated: )
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. This malformed packet can be crafted and sent to a victim device including when forwarded directly through a device receiving such a malformed packet, but not if the malformed packet is first de-encapsulated from an encapsulated format by a receiving device. Continued receipt of the malformed packet will result in a sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1F6-S12, 15.1R7-S2; 15.1X49 versions prior to 15.1X49-D150 on SRX Series; 15.1X53 versions prior to 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S9, 17.1R3; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3; 17.3 versions prior to 17.3R2-S4, 17.3R3.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Junos OS Evolved | =15.1-a1 | |
| Junos OS Evolved | =15.1-f1 | |
| Junos OS Evolved | =15.1-f2 | |
| Junos OS Evolved | =15.1-f2-s1 | |
| Junos OS Evolved | =15.1-f2-s2 | |
| Junos OS Evolved | =15.1-f2-s3 | |
| Junos OS Evolved | =15.1-f2-s4 | |
| Junos OS Evolved | =15.1-f3 | |
| Junos OS Evolved | =15.1-f4 | |
| Junos OS Evolved | =15.1-f5 | |
| Junos OS Evolved | =15.1-f6 | |
| Junos OS Evolved | =15.1-f6-s3 | |
| Junos OS Evolved | =15.1-r1 | |
| Junos OS Evolved | =15.1-r2 | |
| Junos OS Evolved | =15.1-r3 | |
| Junos OS Evolved | =15.1-r4 | |
| Junos OS Evolved | =15.1-r4-s9 | |
| Junos OS Evolved | =15.1-r5 | |
| Junos OS Evolved | =15.1-r6 | |
| Junos OS Evolved | =15.1-r6-s6 | |
| Junos OS Evolved | =15.1-r7-s1 | |
| Junos OS Evolved | =15.1x49-d10 | |
| Junos OS Evolved | =15.1x49-d100 | |
| Junos OS Evolved | =15.1x49-d110 | |
| Junos OS Evolved | =15.1x49-d120 | |
| Junos OS Evolved | =15.1x49-d130 | |
| Junos OS Evolved | =15.1x49-d140 | |
| Junos OS Evolved | =15.1x49-d20 | |
| Junos OS Evolved | =15.1x49-d30 | |
| Junos OS Evolved | =15.1x49-d35 | |
| Junos OS Evolved | =15.1x49-d40 | |
| Junos OS Evolved | =15.1x49-d45 | |
| Junos OS Evolved | =15.1x49-d50 | |
| Junos OS Evolved | =15.1x49-d55 | |
| Junos OS Evolved | =15.1x49-d60 | |
| Junos OS Evolved | =15.1x49-d65 | |
| Junos OS Evolved | =15.1x49-d70 | |
| Junos OS Evolved | =15.1x49-d75 | |
| Junos OS Evolved | =15.1x49-d80 | |
| Junos OS Evolved | =15.1x49-d90 | |
| Juniper CSRX | ||
| Juniper SRX100 | ||
| Juniper SRX110 | ||
| Juniper SRX1400 | ||
| Juniper SRX1500 | ||
| Juniper SRX210 | ||
| Juniper SRX220 | ||
| Juniper SRX240 | ||
| Juniper SRX300 | ||
| Juniper SRX320 | ||
| Juniper SRX340 | ||
| Juniper SRX3400 | ||
| Juniper SRX345 | ||
| Juniper SRX3600 | ||
| Juniper SRX4100 | ||
| Juniper SRX4200 | ||
| Juniper SRX4600 | ||
| Juniper SRX5400 | ||
| Juniper SRX550 | ||
| Juniper SRX550 | ||
| Juniper SRX5600 | ||
| Juniper SRX5800 | ||
| Juniper SRX650 | ||
| Juniper Networks Virtual SRX | ||
| Junos OS Evolved | =15.1x53-d20 | |
| Junos OS Evolved | =15.1x53-d21 | |
| Junos OS Evolved | =15.1x53-d210 | |
| Junos OS Evolved | =15.1x53-d230 | |
| Junos OS Evolved | =15.1x53-d231 | |
| Junos OS Evolved | =15.1x53-d232 | |
| Junos OS Evolved | =15.1x53-d233 | |
| Junos OS Evolved | =15.1x53-d234 | |
| Junos OS Evolved | =15.1x53-d235 | |
| Junos OS Evolved | =15.1x53-d236 | |
| Junos OS Evolved | =15.1x53-d237 | |
| Junos OS Evolved | =15.1x53-d25 | |
| Junos OS Evolved | =15.1x53-d30 | |
| Junos OS Evolved | =15.1x53-d31 | |
| Junos OS Evolved | =15.1x53-d32 | |
| Junos OS Evolved | =15.1x53-d33 | |
| Junos OS Evolved | =15.1x53-d34 | |
| Junos OS Evolved | =15.1x53-d40 | |
| Junos OS Evolved | =15.1x53-d45 | |
| Junos OS Evolved | =15.1x53-d470 | |
| Junos OS Evolved | =15.1x53-d495 | |
| Junos OS Evolved | =15.1x53-d56 | |
| Junos OS Evolved | =15.1x53-d59 | |
| Junos OS Evolved | =15.1x53-d60 | |
| Junos OS Evolved | =15.1x53-d61 | |
| Junos OS Evolved | =15.1x53-d62 | |
| Junos OS Evolved | =15.1x53-d63 | |
| Junos OS Evolved | =15.1x53-d64 | |
| Junos OS Evolved | =15.1x53-d65 | |
| Junos OS Evolved | =15.1x53-d66 | |
| Junos OS Evolved | =15.1x53-d69 | |
| Junos OS Evolved | =15.1x53-d70 | |
| Junos OS Evolved | =16.1 | |
| Junos OS Evolved | =16.1-r1 | |
| Junos OS Evolved | =16.1-r2 | |
| Junos OS Evolved | =16.1-r3 | |
| Junos OS Evolved | =16.1-r4 | |
| Junos OS Evolved | =16.1-r5 | |
| Junos OS Evolved | =16.1-r5-s4 | |
| Junos OS Evolved | =16.1-r6 | |
| Junos OS Evolved | =16.1-r6-s1 | |
| Junos OS Evolved | =16.1-r7 | |
| Junos OS Evolved | =16.2 | |
| Junos OS Evolved | =16.2-r1 | |
| Junos OS Evolved | =16.2-r2 | |
| Junos OS Evolved | =16.2-r2-s1 | |
| Junos OS Evolved | =16.2-r2-s2 | |
| Junos OS Evolved | =16.2-r2-s5 | |
| Junos OS Evolved | =16.2-r2-s6 | |
| Junos OS Evolved | =17.1 | |
| Junos OS Evolved | =17.1-r1 | |
| Junos OS Evolved | =17.1-r2-s1 | |
| Junos OS Evolved | =17.1-r2-s2 | |
| Junos OS Evolved | =17.1-r2-s3 | |
| Junos OS Evolved | =17.1-r2-s4 | |
| Junos OS Evolved | =17.1-r2-s5 | |
| Junos OS Evolved | =17.1-r2-s6 | |
| Junos OS Evolved | =17.1-r2-s7 | |
| Junos OS Evolved | =17.1-r2-s8 | |
| Junos OS Evolved | =17.2 | |
| Junos OS Evolved | =17.2-r1-s2 | |
| Junos OS Evolved | =17.2-r1-s4 | |
| Junos OS Evolved | =17.2-r2 | |
| Junos OS Evolved | =17.3 | |
| Junos OS Evolved | =17.3-r2 | |
| Junos OS Evolved | =17.3-r2-s1 | |
| Junos OS Evolved | =17.3-r2-s2 | |
| Junos OS Evolved | =17.3-r2-s3 |
Remedy
The following software releases have been updated to resolve this specific issue: 15.1F6-S12, 15.1R7-S2, 15.1X49-D150, 15.1X53-D68, 15.1X53-D235, 15.1X53-D495, 15.1X53-D590, 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S2, 16.2R2-S7, 17.1R2-S9, 17.1R3, 17.2R1-S7, 17.2R2-S6, 17.2R3, 17.3R2-S4, 17.3R3, 17.4R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-0066?
CVE-2019-0066 has a high severity rating due to its potential to cause a Denial of Service (DoS) condition.
How do I fix CVE-2019-0066?
To fix CVE-2019-0066, upgrade to a non-vulnerable version of Junos OS as specified by Juniper Networks.
What systems are affected by CVE-2019-0066?
CVE-2019-0066 affects specific versions of Juniper Networks Junos OS, including version 15.1 and several of its sub-releases.
Can CVE-2019-0066 be exploited remotely?
Yes, CVE-2019-0066 can be exploited remotely, allowing attackers to send malformed IPv4 packets to trigger the vulnerability.
What is the impact of CVE-2019-0066 on affected devices?
The impact of CVE-2019-0066 on affected devices is a crash of the routing protocol daemon (rpd), leading to service interruption.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/junos os evolved
- version/junos os evolved/15.1-a1
- version/junos os evolved/15.1-f1
- version/junos os evolved/15.1-f2
- version/junos os evolved/15.1-f2-s1
- version/junos os evolved/15.1-f2-s2
- version/junos os evolved/15.1-f2-s3
- version/junos os evolved/15.1-f2-s4
- version/junos os evolved/15.1-f3
- version/junos os evolved/15.1-f4
- version/junos os evolved/15.1-f5
- version/junos os evolved/15.1-f6
- version/junos os evolved/15.1-f6-s3
- version/junos os evolved/15.1-r1
- version/junos os evolved/15.1-r2
- version/junos os evolved/15.1-r3
- version/junos os evolved/15.1-r4
- version/junos os evolved/15.1-r4-s9
- version/junos os evolved/15.1-r5
- version/junos os evolved/15.1-r6
- version/junos os evolved/15.1-r6-s6
- version/junos os evolved/15.1-r7-s1
- version/junos os evolved/15.1x49-d10
- version/junos os evolved/15.1x49-d100
- version/junos os evolved/15.1x49-d110
- version/junos os evolved/15.1x49-d120
- version/junos os evolved/15.1x49-d130
- version/junos os evolved/15.1x49-d140
- version/junos os evolved/15.1x49-d20
- version/junos os evolved/15.1x49-d30
- version/junos os evolved/15.1x49-d35
- version/junos os evolved/15.1x49-d40
- version/junos os evolved/15.1x49-d45
- version/junos os evolved/15.1x49-d50
- version/junos os evolved/15.1x49-d55
- version/junos os evolved/15.1x49-d60
- version/junos os evolved/15.1x49-d65
- version/junos os evolved/15.1x49-d70
- version/junos os evolved/15.1x49-d75
- version/junos os evolved/15.1x49-d80
- version/junos os evolved/15.1x49-d90
- canonical/juniper csrx
- canonical/juniper srx100
- canonical/juniper srx110
- canonical/juniper srx1400
- canonical/juniper srx1500
- canonical/juniper srx210
- canonical/juniper srx220
- canonical/juniper srx240
- canonical/juniper srx300
- canonical/juniper srx320
- canonical/juniper srx340
- canonical/juniper srx3400
- canonical/juniper srx345
- canonical/juniper srx3600
- canonical/juniper srx4100
- canonical/juniper srx4200
- canonical/juniper srx4600
- canonical/juniper srx5400
- canonical/juniper srx550
- canonical/juniper srx5600
- canonical/juniper srx5800
- canonical/juniper srx650
- canonical/juniper networks virtual srx
- version/junos os evolved/15.1x53-d20
- version/junos os evolved/15.1x53-d21
- version/junos os evolved/15.1x53-d210
- version/junos os evolved/15.1x53-d230
- version/junos os evolved/15.1x53-d231
- version/junos os evolved/15.1x53-d232
- version/junos os evolved/15.1x53-d233
- version/junos os evolved/15.1x53-d234
- version/junos os evolved/15.1x53-d235
- version/junos os evolved/15.1x53-d236
- version/junos os evolved/15.1x53-d237
- version/junos os evolved/15.1x53-d25
- version/junos os evolved/15.1x53-d30
- version/junos os evolved/15.1x53-d31
- version/junos os evolved/15.1x53-d32
- version/junos os evolved/15.1x53-d33
- version/junos os evolved/15.1x53-d34
- version/junos os evolved/15.1x53-d40
- version/junos os evolved/15.1x53-d45
- version/junos os evolved/15.1x53-d470
- version/junos os evolved/15.1x53-d495
- version/junos os evolved/15.1x53-d56
- version/junos os evolved/15.1x53-d59
- version/junos os evolved/15.1x53-d60
- version/junos os evolved/15.1x53-d61
- version/junos os evolved/15.1x53-d62
- version/junos os evolved/15.1x53-d63
- version/junos os evolved/15.1x53-d64
- version/junos os evolved/15.1x53-d65
- version/junos os evolved/15.1x53-d66
- version/junos os evolved/15.1x53-d69
- version/junos os evolved/15.1x53-d70
- version/junos os evolved/16.1
- version/junos os evolved/16.1-r1
- version/junos os evolved/16.1-r2
- version/junos os evolved/16.1-r3
- version/junos os evolved/16.1-r4
- version/junos os evolved/16.1-r5
- version/junos os evolved/16.1-r5-s4
- version/junos os evolved/16.1-r6
- version/junos os evolved/16.1-r6-s1
- version/junos os evolved/16.1-r7
- version/junos os evolved/16.2
- version/junos os evolved/16.2-r1
- version/junos os evolved/16.2-r2
- version/junos os evolved/16.2-r2-s1
- version/junos os evolved/16.2-r2-s2
- version/junos os evolved/16.2-r2-s5
- version/junos os evolved/16.2-r2-s6
- version/junos os evolved/17.1
- version/junos os evolved/17.1-r1
- version/junos os evolved/17.1-r2-s1
- version/junos os evolved/17.1-r2-s2
- version/junos os evolved/17.1-r2-s3
- version/junos os evolved/17.1-r2-s4
- version/junos os evolved/17.1-r2-s5
- version/junos os evolved/17.1-r2-s6
- version/junos os evolved/17.1-r2-s7
- version/junos os evolved/17.1-r2-s8
- version/junos os evolved/17.2
- version/junos os evolved/17.2-r1-s2
- version/junos os evolved/17.2-r1-s4
- version/junos os evolved/17.2-r2
- version/junos os evolved/17.3
- version/junos os evolved/17.3-r2
- version/junos os evolved/17.3-r2-s1
- version/junos os evolved/17.3-r2-s2
- version/junos os evolved/17.3-r2-s3