PT-2021-12979 · Juniper Networks · Junos

Published

2021-04-22

Updated

2021-07-23

CVE-2021-0271

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 12.3R12-S17 Juniper Networks Junos OS versions prior to 15.1R7-S8

Description: A Double Free issue in the software forwarding interface daemon (sfid) process allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. Continued receipt and processing of the crafted ARP packets will create a sustained Denial of Service (DoS) condition.

Recommendations: For versions prior to 12.3R12-S17, update to 12.3R12-S17 or later to resolve the issue. For versions prior to 15.1R7-S8, update to 15.1R7-S8 or later to resolve the issue.

Fix

DoS

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

CVE-2021-0271

Affected Products

Junos

PT-2021-12979 · Juniper Networks · Junos

CVE-2021-0271

Weakness Enumeration

Related Identifiers

Affected Products

References · 3