Junos OS Evolved: Receipt of certain valid BGP update packets from BGP peers may cause RPD to core when using REGEX.

In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service (DoS). Continued receipt of these types of valid BGP update packets will cause an extended Denial of Service condition. RPD will require a restart to recover. An indicator of compromise is to see if the file rpd.re exists by issuing the command: show system core-dumps This issue affects: Juniper Networks Junos OS Evolved 19.4 versions prior to 19.4R2-S2-EVO; 20.1 versions prior to 20.1R1-S2-EVO, 20.1R2-S1-EVO. This issue does not affect Junos OS.

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

使用未经初始化的指针

Juniper Networks Junos OS Evolved 缓冲区错误漏洞

Juniper Networks Junos OS和Junos OS Evolved都是美国瞻博网络（Juniper Networks）公司的产品。Juniper Networks Junos OS是一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。Junos OS Evolved是Junos OS 的升级版系统。 Junos OS Evolved 存在缓冲区错误漏洞，攻击者可利用该漏洞使应用拒绝服务。以下产品及版本受到影响：Junos OS Evolved 19

N/A

N/A