CVE-2019-0008Stack-based Buffer Overflow in Networks Junos OS

CWE-121Stack-based Buffer OverflowCWE-787Out-of-bounds WriteCWE-476NULL Pointer Dereference6 documents6 sources
Severity
9.8CRITICALNVD
EPSS
4.8%
top 10.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Juniper Networks Junos OSJuniper JunosJuniper Junos OS+1 more
Timeline
PublishedApr 10
Latest updateMay 13

Description

A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code execution. Affected releases are Juniper Networks Junos OS on QFX 5000 series, EX4300, EX4600 are: 14.1X53; 15.1X53 versions prior to 15.1X53-D235; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R3

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

CVEListV5juniper_networks/junos_os15.1X5315.1X53-D235+9
NVDjuniper/junos15.1x5315.1x53-d235+12

🔴Vulnerability Details

1
GHSA
GHSA-w8p6-5qfp-c66p: A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC)2022-05-13

💥Exploits & PoCs

1
Exploit-DB
Microsoft Windows Server 2012 - 'Group Policy' Remote Code Execution (MS15-011)2019-10-29

📋Vendor Advisories

2
VMware
VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabiliti2019-05-14
Juniper
CVE-2019-0008: A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC)2019-04-10
CVE-2019-0008 — Stack-based Buffer Overflow | cvebase