CVE-2018-0002Improper Restriction of Operations within the Bounds of a Memory Buffer in Networks Junos OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-20Improper Input ValidationCWE-787Out-of-bounds WriteCWE-190Integer Overflow or Wraparound8 documents7 sources
Severity
5.9MEDIUMNVD
EPSS
1.8%
top 17.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Juniper Networks Junos OSMercurialJuniper Junos+3 more
Timeline
PublishedJan 10
Latest updateMay 13

Description

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in an extended Denial of Service condition. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D60 on SRX series; 12.3X48 versions prior to 12.3X48-D35 on SRX series; 14.1 v

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages6 packages

CVEListV5juniper_networks/junos_os12.1X4612.1X46-D60+8
NVDjuniper/junos9 versions+8

Patches

Patch: kb.juniper.netPatch: kb.juniper.net

🔴Vulnerability Details

2
GHSA
GHSA-w7r7-44qw-8v64: On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in2022-05-13
GHSA
Mercurial mishandles integer addition and subtraction2022-05-13

📋Vendor Advisories

2
Red Hat
mercurial: Buffer underflow in mpatch.c:mpatch_apply()2018-06-06
Juniper
CVE-2018-0002: On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in2018-01-10

💬Community

2
Bugzilla
CVE-2018-1042 CVE-2018-1043 CVE-2018-1044 CVE-2018-1045 moodle: Four security issues fixed in the latest release2018-01-23
Bugzilla
CVE-2017-12189 jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)2017-10-09
CVE-2018-0002 — Juniper Networks Junos OS vulnerability | cvebase