CVE-2018-0017

SRX Series: Denial of service vulnerability in flowd daemon on devices configured with NAT-PT

Description

A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition for the SRX device. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D72; 12.3X48 versions prior to 12.3X48-D55; 15.1X49 versions prior to 15.1X49-D90.

Remediation

Solution:

The following software releases have been updated to resolve this specific issue: 12.1X46-D76 (pending release), 12.3X48-D55, 15.1X49-D90, 17.3R1, and all subsequent releases.

Workaround:

There are no viable workarounds for this issue.

References

Link	Tags
https://kb.juniper.net/JSA10845	vendor advisory
http://www.securityfocus.com/bid/103749	vdb entry third party advisory
http://www.securitytracker.com/id/1040785	vdb entry third party advisory

Frequently Asked Questions

What is the severity of CVE-2018-0017?: CVE-2018-0017 has been scored as a high severity vulnerability.
How to fix CVE-2018-0017?: To fix CVE-2018-0017: The following software releases have been updated to resolve this specific issue: 12.1X46-D76 (pending release), 12.3X48-D55, 15.1X49-D90, 17.3R1, and all subsequent releases.
Is CVE-2018-0017 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2018-0017 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2018-0017?: CVE-2018-0017 affects Juniper Networks Junos OS.

Description

Remediation

Category

CWE-20 – Improper Input Validation

References

Frequently Asked Questions