PT-2021-2114 · Juniper Networks · Junos

Published: 2021-01-13 · Updated: 2022-08-05 · CVE-2021-0217

CVSS v3.1: 7.4 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions:
- Junos OS versions prior to 17.4R3-S3
- Junos OS versions 18.1R3 between 18.1R3-S6 and 18.1R3-S11
- Junos OS versions prior to 18.2R3-S6
- Junos OS versions prior to 18.3R3-S4
- Junos OS versions prior to 18.4R2-S5
- Junos OS versions prior to 18.4R3-S6
- Junos OS versions between 19.1R2 and 19.1R3-S3
- Junos OS versions prior to 19.2R3-S1
- Junos OS versions prior to 19.3R2-S5, 19.3R3
- Junos OS versions prior to 19.4R2-S2, 19.4R3
- Junos OS versions prior to 20.1R2
- Junos OS versions prior to 20.2R1-S2, 20.2R2

Description: The issue is a buffer overflow in memory when processing certain DHCP packets, which a remote attacker can exploit to cause a denial of service. This can lead to traffic not being forwarded or the fxpc process crashing. Exploitation may cause the system to become unstable when Packet DMA heap utilization reaches 99%. The issue may be indicated by specific log messages, such as "brcm pkt buf alloc:523 (buf alloc) failed allocating packet buffer".

Recommendations:
- For Junos OS versions prior to 17.4R3-S3, update to version 17.4R3-S3 or later.
- For Junos OS versions 18.1R3 between 18.1R3-S6 and 18.1R3-S11, update to version 18.1R3-S11 or later.
- For Junos OS versions prior to 18.2R3-S6, update to version 18.2R3-S6 or later.
- For Junos OS versions prior to 18.3R3-S4, update to version 18.3R3-S4 or later.
- For Junos OS versions prior to 18.4R2-S5, update to version 18.4R2-S5 or later.
- For Junos OS versions prior to 18.4R3-S6, update to version 18.4R3-S6 or later.
- For Junos OS versions between 19.1R2 and 19.1R3-S3, update to version 19.1R3-S3 or later.
- For Junos OS versions prior to 19.2R3-S1, update to version 19.2R3-S1 or later.
- For Junos OS versions prior to 19.3R2-S5, 19.3R3, update to version 19.3R2-S5 or later.
- For Junos OS versions prior to 19.4R2-S2, 19.4R3, update to version 19.4R2-S2 or later.
- For Junos OS versions prior to 20.1R2, update to version 20.1R2 or later.
- For Junos OS versions prior to 20.2R1-S2, 20.2R2, update to version 20.2R1-S2 or later.

Exploit

Fix

DoS

Buffer Overflow

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

BDU:2021-00970
CVE-2021-0217

Affected Products

Junos