CVE-2021-0292

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 19.4R2-S3-EVO Juniper Networks Junos OS Evolved versions prior to 20.1R2-S4-EVO Juniper Networks Junos OS Evolved all versions of 20.2-EVO

Description An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. Link-layer functions such as IPv4 and/or IPv6 address resolution may be impacted, leading to traffic loss. The processes do not recover on their own and must be manually restarted. Changes in memory usage can be monitored using shell commands.

Recommendations For Juniper Networks Junos OS Evolved versions prior to 19.4R2-S3-EVO, update to version 19.4R2-S3-EVO or later. For Juniper Networks Junos OS Evolved versions prior to 20.1R2-S4-EVO, update to version 20.1R2-S4-EVO or later. For Juniper Networks Junos OS Evolved all versions of 20.2-EVO, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider manually restarting the arpd and ndp processes to recover from the Denial of Service condition. Additionally, monitor memory usage using the provided shell commands to detect potential exploitation.