CVE-2021-0263

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on PTX Series versions 18.2 through 18.2R3-S7 Juniper Networks Junos OS on PTX Series versions 18.3 through 18.3R3-S4 Juniper Networks Junos OS on PTX Series versions 18.4 through 18.4R2-S8 Juniper Networks Junos OS on PTX Series versions 18.4 through 18.4R3-S7 Juniper Networks Junos OS on PTX Series versions 19.1 through 19.1R3-S4 Juniper Networks Junos OS on PTX Series versions 19.2 through 19.2R3-S1 Juniper Networks Junos OS on PTX Series versions 19.3 through 19.3R3-S1 Juniper Networks Junos OS on PTX Series versions 19.4 through 19.4R2-S4 Juniper Networks Junos OS on PTX Series versions 19.4 through 19.4R3-S1 Juniper Networks Junos OS on PTX Series versions 20.1 through 20.1R2 Juniper Networks Junos OS on PTX Series versions 20.2 through 20.2R2 Juniper Networks Junos OS on PTX Series versions 20.3 through 20.3R1-S2 Juniper Networks Junos OS on PTX Series versions 20.3 through 20.3R2

Description: A Data Processing vulnerability in the Multi-Service process on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service (DoS) condition. This can occur during periods of heavy route churn, causing the Multi-Service Process to stop processing updates. An administrator can monitor the command show krt state to check if the KRT queue is stuck. The following logs/alarms will be observed when this condition exists: show chassis alarms and logs indicating a stuck Multi-Service Process.

Recommendations: For Juniper Networks Junos OS on PTX Series versions 18.2 through 18.2R3-S7, update to version 18.2R3-S7 or later. For Juniper Networks Junos OS on PTX Series versions 18.3 through 18.3R3-S4, update to version 18.3R3-S4 or later. For Juniper Networks Junos OS on PTX Series versions 18.4 through 18.4R2-S8, update to version 18.4R2-S8 or later. For Juniper Networks Junos OS on PTX Series versions 18.4 through 18.4R3-S7, update to version 18.4R3-S7 or later. For Juniper Networks Junos OS on PTX Series versions 19.1 through 19.1R3-S4, update to version 19.1R3-S4 or later. For Juniper Networks Junos OS on PTX Series versions 19.2 through 19.2R3-S1, update to version 19.2R3-S1 or later. For Juniper Networks Junos OS on PTX Series versions 19.3 through 19.3R3-S1, update to version 19.3R3-S1 or later. For Juniper Networks Junos OS on PTX Series versions 19.4 through 19.4R2-S4, update to version 19.4R2-S4 or later. For Juniper Networks Junos OS on PTX Series versions 19.4 through 19.4R3-S1, update to version 19.4R3-S1 or later. For Juniper Networks Junos OS on PTX Series versions 20.1 through 20.1R2, update to version 20.1R2 or later. For Juniper Networks Junos OS on PTX Series versions 20.2 through 20.2R2, update to version 20.2R2 or later. For Juniper Networks Junos OS on PTX Series versions 20.3 through 20.3R1-S2, update to version 20.3R1-S2 or later. For Juniper Networks Junos OS on PTX Series versions 20.3 through 20.3R2, update to version 20.3R2 or later.