CVE-2021-0277

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions 12.3 through 12.3R12-S17 Juniper Networks Junos OS versions 15.1 through 15.1R7-S8 Juniper Networks Junos OS versions 17.3 through 17.3R3-S11 Juniper Networks Junos OS versions 17.4 through 17.4R2-S12 Juniper Networks Junos OS versions 17.4 through 17.4R3-S4 Juniper Networks Junos OS versions 18.1 through 18.1R3-S12 Juniper Networks Junos OS versions 18.2 through 18.2R3-S7 Juniper Networks Junos OS versions 18.3 through 18.3R3-S4 Juniper Networks Junos OS versions 18.4 through 18.4R2-S7 Juniper Networks Junos OS versions 18.4 through 18.4R3-S7 Juniper Networks Junos OS versions 19.1 through 19.1R3-S4 Juniper Networks Junos OS versions 19.2 through 19.2R3-S2 Juniper Networks Junos OS versions 19.3 through 19.3R2-S5 Juniper Networks Junos OS versions 19.3 through 19.3R3-S1 Juniper Networks Junos OS versions 19.4 through 19.4R1-S3 Juniper Networks Junos OS versions 19.4 through 19.4R2-S3 Juniper Networks Junos OS versions 19.4 through 19.4R3-S2 Juniper Networks Junos OS versions 20.1 through 20.1R2-S1 Juniper Networks Junos OS versions 20.1 through 20.1R3 Juniper Networks Junos OS versions 20.2 through 20.2R3-S0 Juniper Networks Junos OS versions 20.3 through 20.3R2-S0 Juniper Networks Junos OS versions 20.3 through 20.3R3 Juniper Networks Junos OS versions 20.4 through 20.4R1 Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO

Description The issue is caused by an out-of-bounds read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved. This may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition.

Recommendations For Juniper Networks Junos OS versions 12.3 through 12.3R12-S17, update to version 12.3R12-S18 or later. For Juniper Networks Junos OS versions 15.1 through 15.1R7-S8, update to version 15.1R7-S9 or later. For Juniper Networks Junos OS versions 17.3 through 17.3R3-S11, update to version 17.3R3-S12 or later. For Juniper Networks Junos OS versions 17.4 through 17.4R2-S12, update to version 17.4R2-S13 or later. For Juniper Networks Junos OS versions 17.4 through 17.4R3-S4, update to version 17.4R3-S5 or later. For Juniper Networks Junos OS versions 18.1 through 18.1R3-S12, update to version 18.1R3-S13 or later. For Juniper Networks Junos OS versions 18.2 through 18.2R3-S7, update to version 18.2R3-S8 or later. For Juniper Networks Junos OS versions 18.3 through 18.3R3-S4, update to version 18.3R3-S5 or later. For Juniper Networks Junos OS versions 18.4 through 18.4R2-S7, update to version 18.4R2-S8 or later. For Juniper Networks Junos OS versions 18.4 through 18.4R3-S7, update to version 18.4R3-S8 or later. For Juniper Networks Junos OS versions 19.1 through 19.1R3-S4, update to version 19.1R3-S5 or later. For Juniper Networks Junos OS versions 19.2 through 19.2R3-S2, update to version 19.2R3-S3 or later. For Juniper Networks Junos OS versions 19.3 through 19.3R2-S5, update to version 19.3R2-S6 or later. For Juniper Networks Junos OS versions 19.3 through 19.3R3-S1, update to version 19.3R3-S2 or later. For Juniper Networks Junos OS versions 19.4 through 19.4R1-S3, update to version 19.4R1-S4 or later. For Juniper Networks Junos OS versions 19.4 through 19.4R2-S3, update to version 19.4R2-S4 or later. For Juniper Networks Junos OS versions 19.4 through 19.4R3-S2, update to version 19.4R3-S3 or later. For Juniper Networks Junos OS versions 20.1 through 20.1R2-S1, update to version 20.1R2-S2 or later. For Juniper Networks Junos OS versions 20.1 through 20.1R3, update to version 20.1R3 or later. For Juniper Networks Junos OS versions 20.2 through 20.2R3-S0, update to version 20.2R3-S1 or later. For Juniper Networks Junos OS versions 20.3 through 20.3R2-S0, update to version 20.3R2-S1 or later. For Juniper Networks Junos OS versions 20.3 through 20.3R3, update to version 20.3R3 or later. For Juniper Networks Junos OS versions 20.4 through 20.4R1, update to version 20.4R2 or later. For Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO, update to version 20.4R2-EVO or later. As a temporary workaround, consider disabling the Layer 2 Control Protocol Daemon (l2cpd) until a patch is available.