CVE-2021-0290

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 16.1R7-S7 on MX Series Juniper Networks Junos OS versions 17.1R1 and later prior to 17.2R3-S3 on MX Series Juniper Networks Junos OS versions prior to 17.3R3-S8 on MX Series Juniper Networks Junos OS versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600 Juniper Networks Junos OS versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600 Juniper Networks Junos OS versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600 Juniper Networks Junos OS versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600 Juniper Networks Junos OS versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600 Juniper Networks Junos OS versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600 Juniper Networks Junos OS versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600 Juniper Networks Junos OS versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600

Description The issue is related to improper handling of exceptional conditions in Ethernet interface frame processing, allowing an attacker to send specially crafted frames over the local Ethernet segment and cause the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition. This issue is platform-specific and affects certain platforms and line cards, including MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020, MX204, MX10003, MX10008, MX10016, EX9200, EX9251, and SRX4600.

Recommendations For Juniper Networks Junos OS versions prior to 16.1R7-S7 on MX Series, update to version 16.1R7-S7 or later. For Juniper Networks Junos OS versions 17.1R1 and later prior to 17.2R3-S3 on MX Series, update to version 17.2R3-S3 or later. For Juniper Networks Junos OS versions prior to 17.3R3-S8 on MX Series, update to version 17.3R3-S8 or later. For Juniper Networks Junos OS versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600, update to version 17.4R2-S11 or 17.4R3-S1 or later. For Juniper Networks Junos OS versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600, update to version 18.1R3-S10 or later. For Juniper Networks Junos OS versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600, update to version 18.2R3-S3 or later. For Juniper Networks Junos OS versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600, update to version 18.3R3-S1 or later. For Juniper Networks Junos OS versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600, update to version 18.4R2-S3 or 18.4R3 or later. For Juniper Networks Junos OS versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600, update to version 19.1R2-S1 or 19.1R3 or later. For Juniper Networks Junos OS versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600, update to version 19.2R1-S3 or 19.2R2 or later. For Juniper Networks Junos OS versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600, update to version 19.3R2 or later.