2019-04 Security Bulletin: Junos OS: SRX5000 series: Kernel crash (vmcore) upon receipt of a specific packet on fxp0 interface (CVE-2019-0044)

[JSA10936]


Product Affected:
This issue affects Junos OS 12.1X46, 12.3X48, 15.1X49. Affected platforms: SRX5000 series.
Problem:

Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore).

By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repeatedly crash the system (vmcore), causing a prolonged Denial of Service (DoS).

Affected releases are Juniper Networks SRX5000 Series:

  • 12.1X46 versions prior to 12.1X46-D82;
  • 12.3X48 versions prior to 12.3X48-D80;
  • 15.1X49 versions prior to 15.1X49-D160.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was seen during production usage.

This issue has been assigned CVE-2019-0044.

Solution:

The following software releases have been updated to resolve this specific issue: 12.1X46-D82, 12.3X48-D80, 15.1X49-D160 and all subsequent releases.
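To check a device inventory against the fixed releases listed above, the following added example (not Juniper code) classifies each device by model and Junos version string. The model names used to identify SRX5000 series chassis, the hostnames, and the sample inventory rows are assumptions constructed for illustration.

```python
import re

# Fixed builds taken from the advisory: train -> first D-release carrying the fix.
FIXED_D = {"12.1X46": 82, "12.3X48": 80, "15.1X49": 160}

# Assumption: the inventory reports SRX5000 series chassis under these model names.
SRX5000_MODELS = {"SRX5400", "SRX5600", "SRX5800"}

# Remainder after the train, e.g. "-D150.2" (D-number plus optional spin number).
_D_RELEASE_RE = re.compile(r"-D(\d+)(?:\.\d+)?$")


def classify(model: str, version: str) -> str:
    """Return 'affected', 'fixed', 'not-listed' or 'unparsed' for one device."""
    if model.strip().upper() not in SRX5000_MODELS:
        return "not-listed"      # the advisory names the SRX5000 series only
    v = version.strip().upper()
    train = next((t for t in FIXED_D if v.startswith(t)), None)
    if train is None:
        return "not-listed"      # release train not named in the advisory
    m = _D_RELEASE_RE.match(v[len(train):])
    if not m:
        return "unparsed"        # needs manual review; do not assume it is fixed
    return "affected" if int(m.group(1)) < FIXED_D[train] else "fixed"


def audit(inventory):
    """Map hostname -> classification for (hostname, model, version) rows."""
    return {host: classify(model, version) for host, model, version in inventory}


# Constructed sample inventory: hostnames and versions are illustrative only.
SAMPLE = [
    ("fw-core-1", "SRX5800", "12.3X48-D75.4"),
    ("fw-core-2", "SRX5600", "15.1X49-D160"),
    ("fw-edge-1", "SRX5400", "12.1X46-D82.1"),
    ("fw-edge-2", "SRX5400", "15.1X49"),
    ("fw-branch", "SRX345", "15.1X49-D100"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Devices reported as `unparsed` carry a listed train but no readable D-release, so they should be checked by hand rather than treated as fixed.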

This issue is being tracked as PR 1362221 which is visible on the Customer Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of Engineering (EOE) or End of Life (EOL).

Workaround:

There are no known workarounds for this issue.
Limiting access to the device's management interface to trusted administrative networks or hosts only would minimize the risk.

Implementation:
Software releases, patches and updates are available at https://www.juniper.net/support/downloads/.
Modification History:
  • 2019-04-10: Initial Publication.
  • 2019-04-10: Minor description edit.
  • 2019-04-24: Minor edit of the workaround section.

 

CVSS Score:
7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Severity Level:
High
Severity Assessment:
Information on how Juniper Networks uses CVSS can be found at KB 16446 "Common Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."