Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. When RPD is unavailable, routing updates cannot be processed which can lead to an extended network outage. If RSVP is not enabled on an interface, then the issue cannot be triggered via that interface. This issue only affects Juniper Networks Junos OS 16.1 versions prior to 16.1R3. This issue does not affect Junos releases prior to 16.1R1.
Advisories
Source ID Title
EUVD EUVD EUVD-2018-0851 Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. When RPD is unavailable, routing updates cannot be processed which can lead to an extended network outage. If RSVP is not enabled on an interface, then the issue cannot be triggered via that interface. This issue only affects Juniper Networks Junos OS 16.1 versions prior to 16.1R3. This issue does not affect Junos releases prior to 16.1R1.
Fixes

Solution

The following software releases have been updated to resolve this specific issue: 16.1R3, 16.2R1, and all subsequent releases.


Workaround

Only enable RSVP on specific trusted interfaces as required for MPLS.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published:

Updated: 2024-09-17T04:25:35.668Z

Reserved: 2017-11-16T00:00:00

Link: CVE-2018-0027

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-11T18:29:00.340

Modified: 2024-11-21T03:37:23.440

Link: CVE-2018-0027

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.