Juniper Networks Junos OS and Junos OS Evolved Out-of-Bounds Read Vulnerability in BGP Processing Leading to Denial-of-Service

Vulnerability

An out-of-bounds read vulnerability has been identified in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. It allows an unauthenticated, logically adjacent BGP peer to send a specifically malformed BGP packet that causes rpd to crash and restart, creating a denial-of-service condition. The condition can be sustained by the continued receipt and processing of the malformed packets. The vulnerability affects systems with BGP traceoptions enabled or those configured with BGP traffic engineering (BGP-LS), and can be exploited from a directly connected BGP peer. It impacts both iBGP and eBGP sessions and is present in both the IPv4 and IPv6 address families.

Impact

Exploitation of this vulnerability causes the routing protocol daemon (rpd) to crash and restart, leading to a denial-of-service condition. This disruption can be sustained by the ongoing receipt and processing of the malformed BGP packets, causing repeated crashes and restarts of the rpd process.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 4.9
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 1.4
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.