CPNI - Centre for the Protection of National Infrastructure


July 2006

Juniper Security Advisory: Certain crafted IPv6 packets cause the kernel to leak memory and eventually crash (CERT/CC VU#294036)

ID: 00472
Ref: 458/06
Date: 11 July 2006 15:56:35
Version: 1

Title: Juniper Security Advisory: Certain crafted IPv6 packets cause the kernel to leak memory and eventually crash (CERT/CC VU#294036)
Abstract:
Vendors affected: Juniper
Operating systems affected: Juniper
Applications affected: Juniper


Issue:

This issue affects all releases of JUNOS Internet Software running on M-series, T-series, and J-series routers and built prior to May 10, 2006.

Affected JUNOS routers, when receiving certain IPv6 packets, do not release the memory buffer occupied by the IPv6 packet. Repeated reception of such packets can eventually consume all kernel packet memory and cause the router to crash.

No other Juniper Networks products are affected by this vulnerability.


Solution:

The JUNOS IPv6 code has been corrected to release the memory occupied by the invalid packet in all cases. All releases of JUNOS software built on or after May 10, 2006 include the corrected code. Corrective software is available for JUNOS releases 6.4 through 8.0 inclusive.

Customers who have a valid Juniper user web account can obtain the links to the fixed software images by referring to the Solution section of .

Customers without a JUNOS support or maintenance contract can gain access to corrective software by requesting a Juniper user account.

The account must be set up with Authorization Code: JNPRIPV6.
After receiving the user account information via email, customers can then contact Juniper Support at 1-800-638-8296 (US and Canada) or +1 408-745-9500 (worldwide) in order to obtain the links to the appropriate software image.


Solution Implementation:

Customers are strongly encouraged to upgrade their JUNOS software to a release built on or after May 10, 2006. As an alternative, if IPv6 processing is not required, remove family inet6 from all interface configurations.
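
The workaround above can be checked against a saved configuration. The following is an added example, not code from Juniper or CPNI: it assumes the configuration has been saved in the curly-brace text format, and the function names and sample configuration are constructed for illustration.

```python
# Added example: audit a saved JUNOS configuration for "family inet6" on interfaces.
# SAMPLE_CONFIG is constructed for illustration; it is not from a real router.
SAMPLE_CONFIG = """
interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {
                address 192.0.2.1/24;
            }
            family inet6 {
                address 2001:db8::1/64;
            }
        }
    }
    ge-0/0/1 {
        unit 10 {
            family inet6;
        }
    }
}
"""


def find_inet6_paths(config_text):
    """Return the hierarchy path of every interface unit with family inet6."""
    stack, paths = [], []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line == "}":
            if stack:
                stack.pop()
            continue
        name = line.rstrip("{;").strip()
        if name == "family inet6" and "interfaces" in stack:
            paths.append(" ".join(stack))
        if line.endswith("{"):
            stack.append(name)
    return paths


def removal_commands(config_text):
    """Build the configuration-mode commands that remove family inet6."""
    return [f"delete {p} family inet6" for p in find_inet6_paths(config_text)]


if __name__ == "__main__":
    print("\n".join(removal_commands(SAMPLE_CONFIG)))
```

An empty result means no interface in the saved configuration still has family inet6 configured; otherwise each printed line names one place where it remains.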


Disclaimer:

Juniper Networks is providing this notice on an "AS IS" basis. No warranty or guarantee of any kind is expressed in this notice and none should be implied. Juniper Networks expressly excludes and disclaims any warranties regarding this notice or materials referred to in this notice, including, without limitation, any implied warranty of merchantability, fitness for a particular purpose, absence of hidden defects, or of noninfringement. Your use or reliance on this notice or materials referred to in this notice is at your own risk. Juniper Networks may change this notice at any time.

Release/Modify Date: 2006-07-10
