CVE-2020-1629 — Race Condition within a Thread in Networks Junos OS

CWE-366 — Race Condition within a Thread CWE-362 — Race Condition5 documents5 sources

Severity

5.9MEDIUMNVD

EPSS

0.3%

top 45.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedApr 8

Latest updateMay 24

Description

A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATION message. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.2 version 17.2R2 and later versions; 17.2X75 versions prior to 17.2X75-D105, 17.2X75-D110; 17.3 versions p…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os16.1 — 16.1R7-S6+13

▶NVDjuniper/junos14 versions+13

🔴Vulnerability Details

GHSA

GHSA-vh8j-vv7v-7h49: A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while proc↗2022-05-24

▶

CVEList

Junos OS: A race condition vulnerability may cause RPD daemon to crash when processing a BGP NOTIFICATION message.↗2020-04-08

▶

📋Vendor Advisories

Juniper

CVE-2020-1629: A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while proc↗2020-04-08

▶

💬Community

Bugzilla

CVE-2019-13454 ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c↗2019-07-10

▶