CVE-2021-0216

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 18.2R3-S8 on ACX5448 Juniper Networks Junos OS versions prior to 18.3R3-S5 on ACX5448 Juniper Networks Junos OS versions prior to 18.4R1-S6 on ACX5448 Juniper Networks Junos OS versions prior to 18.4R3-S7 on ACX5448 Juniper Networks Junos OS versions prior to 19.1R3-S5 on ACX5448 Juniper Networks Junos OS versions prior to 19.2R2 on ACX5448 Juniper Networks Junos OS versions prior to 19.2R3 on ACX5448 Juniper Networks Junos OS versions prior to 19.3R3 on ACX5448 Juniper Networks Junos OS versions prior to 19.4R3 on ACX5448 Juniper Networks Junos OS versions prior to 20.1R2 on ACX5448 Juniper Networks Junos OS versions prior to 20.2R2 on ACX5448 and ACX710

Description: A vulnerability in Juniper Networks Junos OS may cause BFD sessions to flap when a high rate of transit ARP packets are received, potentially impacting routing protocols and network stability, leading to a Denial of Service (DoS) condition. This issue may be identified by log messages such as bfdd[15864]: BFDD STATE UP TO DOWN: BFD Session 192.168.14.3 (IFL 232) state Up -> Down and rpd[15839]: RPD ISIS ADJDOWN: IS-IS lost L2 adjacency to peer on irb.998, reason: BFD Session Down.

Recommendations: For Juniper Networks Junos OS versions prior to 18.2R3-S8 on ACX5448, update to 18.2R3-S8 or later. For Juniper Networks Junos OS versions prior to 18.3R3-S5 on ACX5448, update to 18.3R3-S5 or later. For Juniper Networks Junos OS versions prior to 18.4R1-S6 on ACX5448, update to 18.4R1-S6 or later. For Juniper Networks Junos OS versions prior to 18.4R3-S7 on ACX5448, update to 18.4R3-S7 or later. For Juniper Networks Junos OS versions prior to 19.1R3-S5 on ACX5448, update to 19.1R3-S5 or later. For Juniper Networks Junos OS versions prior to 19.2R2 on ACX5448, update to 19.2R2 or later. For Juniper Networks Junos OS versions prior to 19.2R3 on ACX5448, update to 19.2R3 or later. For Juniper Networks Junos OS versions prior to 19.3R3 on ACX5448, update to 19.3R3 or later. For Juniper Networks Junos OS versions prior to 19.4R3 on ACX5448, update to 19.4R3 or later. For Juniper Networks Junos OS versions prior to 20.1R2 on ACX5448, update to 20.1R2 or later. For Juniper Networks Junos OS versions prior to 20.2R2 on ACX5448 and ACX710, update to 20.2R2 or later.