Summary
Denial of Service Vulnerability through crafted IGMP packets.
Impact
Remote attackers can cause the kernel to crash resulting in a Denial of Service condition.
Solution
New builds of Junos OS software are available from Juniper. As a workaround disable PIM if not required or if fxp0 is unused, disable the external management interface.
Insight
Reception of a very high rate of crafted IGMP packets may cause the Junos kernel to crash. The contents of the valid IGMP packets must be specifically crafted to trigger the crash, while maintaining a transmit rate exceeding approximately 1000 packets per second. PIM must also be enabled to trigger this crash.
Affected
Junos OS 13.2 and 13.3.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-0614 -
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C
Related Vulnerabilities