CVE-2016-4925

HIGH

JunosE 10.3-10.3.3, 12.3-12.3.3, 13.3-13.3.3, 14.3-14.3.2 - Denial of Service via Malformed IPv6 Packet

Title source: llm

Description

Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue.

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

https://kb.juniper.net/JSA10767

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037012

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/93533

Scores

CVSS v3 7.5

EPSS 0.0148

EPSS Percentile 81.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-19

Status published

Products (5)

juniper/junose 10.3 - 10.3.3

Juniper Networks/JunosE 10.3 prior to 10.3.3p0-15

Juniper Networks/JunosE 12.3 prior to 12.3.3p0-6

Juniper Networks/JunosE 13.3 prior to 13.3.3p0-1

Juniper Networks/JunosE 14.3 prior to 14.3.2

Published Oct 13, 2017

Tracked Since Feb 18, 2026