CVE-2021-0202

Name of the Vulnerable Software and Affected Versions Junos versions 17.3R3-S8 through 17.4R3-S2 Junos versions 18.2R3-S4 through 18.2R3-S5 Junos versions 18.3R3-S2 through 18.3R3-S3 Junos versions 18.4R3-S1 through 18.4R3-S6 Junos versions 19.2R2 through 19.2R3-S1 Junos versions 19.4R2 through 19.4R2-S3, 19.4R3 Junos versions 20.2R1 through 20.2R1-S3, 20.2R2

Description The issue is related to an uncontrolled resource consumption in the Integrated Routing and Bridging (IRB) interface of Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC. Certain network events at the Customer Edge (CE) device may cause a memory leak in the MPC, leading to an out-of-memory condition and MPC restarts, resulting in temporary traffic interruption. An administrator can monitor the status of memory usage level of the MPC using the CLI command show system resource-monitor fpc. The value of % NH mem Free will decrease until the MPC restarts when the issue occurs.

Recommendations For Junos versions 17.3R3-S8 through 17.4R3-S2, update to a version outside of this range. For Junos versions 18.2R3-S4 through 18.2R3-S5, update to a version outside of this range. For Junos versions 18.3R3-S2 through 18.3R3-S3, update to a version outside of this range. For Junos versions 18.4R3-S1 through 18.4R3-S6, update to version 18.4R3-S6 or later. For Junos versions 19.2R2 through 19.2R3-S1, update to version 19.2R3-S1 or later. For Junos versions 19.4R2 through 19.4R2-S3, 19.4R3, update to a version outside of this range. For Junos versions 20.2R1 through 20.2R1-S3, 20.2R2, update to a version outside of this range. As a temporary workaround, consider monitoring the memory usage level of the MPC using the CLI command show system resource-monitor fpc to detect potential issues before they cause an out-of-memory condition.