A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated malicious user to cause a Denial of Service (DoS). When a BGP flow route with redirect IP extended community is received, and the reachability to the next-hop of the corresponding redirect IP is flapping, the rpd process might crash. Whether the crash occurs depends on the timing of the internally processing of these two events and is outside the attackers control. Please note that this issue also affects Route-Reflectors unless 'routing-options flow firewall-install-disable' is configured. This issue affects: Juniper Networks Junos OS: 18.4 versions before 18.4R2-S10, 18.4R3-S10; 19.1 versions before 19.1R3-S7; 19.2 versions before 19.2R1-S8, 19.2R3-S4; 19.4 versions before 19.4R3-S8; 20.2 versions before 20.2R3-S3; 20.3 versions before 20.3R3-S2; 20.4 versions before 20.4R3; 21.1 versions before 21.1R2. Juniper Networks Junos OS Evolved: All versions before 20.4R2-EVO; 21.1-EVO versions before 21.1R2-EVO. This issue does not affect Juniper Networks Junos OS versions before 18.4R1.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
juniper junos 18.4 |
||
juniper junos 19.1 |
||
juniper junos 19.4 |
||
juniper junos 20.2 |
||
juniper junos 20.3 |
||
juniper junos 20.4 |
||
juniper junos 21.1 |
||
juniper junos |
||
juniper junos os evolved 20.4 |
||
juniper junos os evolved 21.1 |
||
juniper junos os evolved |
Vulmon