Friday, 17 August 2012

Junos: Kernel crash related to ttymodem()


Platforms Affected:


  • JUNOS 12.x
  • Security
  • JUNOS 11.x
  • SIRT Security Advisory


    Due to a defect introduced earlier this year, a timing issue in the ttymodem() internal I/O processing routine can cause the Junos kernel to crash. The crash can be triggered by simple remote access (e.g., telnet, SSH) to the router.

    This issue only affects devices running Junos OS 11.4R2, 11.4R3, 11.4R3-S1, 11.4R3-S2, and 12.1R2. No other general availability releases are affected by this vulnerability. Additionally, the PTX Series Packet Transport Switches are not affected by this issue.

    Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

    No other Juniper Networks products or platforms are affected by this issue.


    Solution:
    Releases containing the fix specifically include: 11.4R3-S3, 11.4R4, 12.1R2-S1, and 12.1R3, and all subsequent releases (i.e. all releases built after 12.1R3).

    This issue is being tracked as PR 755448 and is visible on the Customer Support website. Because this issue was resolved through coding changes crossing multiple PRs, the list of "Resolved In" releases for PR 755448 may differ from the list supplied above. The releases listed above are the accurate first fixed releases for each supported Junos OS software branch.

    KB16765 - "In which releases are vulnerabilities fixed?" describes the releases in which vulnerabilities are fixed, as per our End of Engineering and End of Life support policies.

    Workarounds:
    To mitigate exploitation of this vulnerability by malicious actors, use access lists or firewall filters to limit administrative access to the router to trusted hosts only.
    There is no known workaround to prevent authorized users from triggering this software defect through normal administrative operations.
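
A firewall filter of the kind the workaround describes, as an added example that is not part of the original advisory. The filter name PROTECT-RE, the prefix list MGMT-TRUSTED and the 192.0.2.0/24 range are placeholders, and applying the filter on lo0 assumes management sessions terminate on the routing engine.

```junos
/* Added example: placeholder names and addresses, adapt before use. */
policy-options {
    /* Hosts allowed to open telnet/SSH sessions to the router. */
    prefix-list MGMT-TRUSTED {
        192.0.2.0/24;
    }
}
firewall {
    family inet {
        filter PROTECT-RE {
            /* Permit remote access only from the trusted prefix list. */
            term mgmt-from-trusted {
                from {
                    source-prefix-list {
                        MGMT-TRUSTED;
                    }
                    protocol tcp;
                    destination-port [ ssh telnet ];
                }
                then accept;
            }
            /* Count and drop telnet/SSH from every other source. */
            term mgmt-from-others {
                from {
                    protocol tcp;
                    destination-port [ ssh telnet ];
                }
                then {
                    count mgmt-denied;
                    discard;
                }
            }
            /* Leave all other traffic to the routing engine untouched. */
            term everything-else {
                then accept;
            }
        }
    }
}
interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input PROTECT-RE;
                }
            }
        }
    }
}
```

Load it with `commit confirmed` so a mistake in the trusted range rolls back instead of locking out administrators. A filter like this narrows who can reach the affected access path but does not remove the defect, so upgrading to a fixed release is still required.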



