An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an malicious user to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3 versions before 12.3R12-S18; 15.1 versions before 15.1R7-S9; 17.3 versions before 17.3R3-S12; 17.4 versions before 17.4R2-S13, 17.4R3-S5; 18.1 versions before 18.1R3-S13; 18.2 versions before 18.2R3-S8; 18.3 versions before 18.3R3-S5; 18.4 versions before 18.4R2-S8, 18.4R3-S8; 19.1 versions before 19.1R3-S5; 19.2 versions before 19.2R3-S3; 19.3 versions before 19.3R2-S6, 19.3R3-S2; 19.4 versions before 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions before 20.1R2-S2, 20.1R3; 20.2 versions before 20.2R3-S1; 20.3 versions before 20.3R2-S1, 20.3R3; 20.4 versions before 20.4R2. Juniper Networks Junos OS Evolved versions before 20.4R2-EVO.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
juniper junos 12.3 |
||
juniper junos 15.1 |
||
juniper junos 17.3 |
||
juniper junos 17.4 |
||
juniper junos 18.1 |
||
juniper junos 18.2 |
||
juniper junos 18.4 |
||
juniper junos 19.1 |
||
juniper junos 19.2 |
||
juniper junos 19.3 |
||
juniper junos 19.4 |
||
juniper junos 20.1 |
||
juniper junos 20.2 |
||
juniper junos 20.3 |
||
juniper junos 20.4 |