CVE-2021-31367

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 18.4R3-S9 Juniper Networks Junos OS 19.1 versions prior to 19.1R3-S7 Juniper Networks Junos OS 19.2 versions prior to 19.2R1-S7, 19.2R3-S3 Juniper Networks Junos OS 19.3 versions prior to 19.3R2-S6, 19.3R3-S3 Juniper Networks Junos OS 19.4 versions prior to 19.4R1-S4, 19.4R3-S6 Juniper Networks Junos OS 20.1 versions prior to 20.1R2-S2, 20.1R3 Juniper Networks Junos OS 20.2 versions prior to 20.2R3-S1 Juniper Networks Junos OS 20.3 versions prior to 20.3R3 Juniper Networks Junos OS 20.4 versions prior to 20.4R3 Juniper Networks Junos OS 21.1 versions prior to 21.1R2

Description A Missing Release of Memory after Effective Lifetime issue in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets, which cause an FPC heap memory leak. Once the memory is depleted, the FPC will crash and restart along with a core dump. Continued receipt of these packets will create a sustained Denial of Service (DoS) condition.

Recommendations For Juniper Networks Junos OS versions prior to 18.4R3-S9, update to version 18.4R3-S9 or later. For Juniper Networks Junos OS 19.1 versions prior to 19.1R3-S7, update to version 19.1R3-S7 or later. For Juniper Networks Junos OS 19.2 versions prior to 19.2R1-S7, 19.2R3-S3, update to version 19.2R1-S7, 19.2R3-S3 or later. For Juniper Networks Junos OS 19.3 versions prior to 19.3R2-S6, 19.3R3-S3, update to version 19.3R2-S6, 19.3R3-S3 or later. For Juniper Networks Junos OS 19.4 versions prior to 19.4R1-S4, 19.4R3-S6, update to version 19.4R1-S4, 19.4R3-S6 or later. For Juniper Networks Junos OS 20.1 versions prior to 20.1R2-S2, 20.1R3, update to version 20.1R2-S2, 20.1R3 or later. For Juniper Networks Junos OS 20.2 versions prior to 20.2R3-S1, update to version 20.2R3-S1 or later. For Juniper Networks Junos OS 20.3 versions prior to 20.3R3, update to version 20.3R3 or later. For Juniper Networks Junos OS 20.4 versions prior to 20.4R3, update to version 20.4R3 or later. For Juniper Networks Junos OS 21.1 versions prior to 21.1R2, update to version 21.1R2 or later.