mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
220 lines
12 KiB
JSON
220 lines
12 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "sirt@juniper.net",
|
|
"DATE_PUBLIC": "2021-04-14T16:00:00.000Z",
|
|
"ID": "CVE-2021-0257",
|
|
"STATE": "PUBLIC",
|
|
"TITLE": "Junos OS: MX Series, EX9200 Series: Trio-based MPCs memory leak in VPLS with integrated routing and bridging (IRB) interface "
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Junos OS",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "17.3",
|
|
"version_value": "17.3R3-S10"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "17.4",
|
|
"version_value": "17.4R3-S3"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "18.2",
|
|
"version_value": "18.2R3-S7"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "18.3",
|
|
"version_value": "18.3R3-S4"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "18.4",
|
|
"version_value": "18.4R3-S6"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "19.2",
|
|
"version_value": "19.2R3-S2"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "19.3",
|
|
"version_value": "19.3R3-S1"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "19.4",
|
|
"version_value": "19.4R2-S2, 19.4R3"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "20.2",
|
|
"version_value": "20.2R1-S3, 20.2R2"
|
|
},
|
|
{
|
|
"platform": "MX Series, EX9200 Series",
|
|
"version_affected": "<",
|
|
"version_name": "20.3",
|
|
"version_value": "20.3R1-S1,, 20.3R2"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "17.3",
|
|
"version_value": "17.3R3-S8"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "17.4",
|
|
"version_value": "17.4R3-S2"
|
|
},
|
|
{
|
|
"version_affected": "!",
|
|
"version_value": "18.1"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "18.2",
|
|
"version_value": "18.2R3-S4"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "18.3",
|
|
"version_value": "18.3R3-S2"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "18.4",
|
|
"version_value": "18.4R3-S1"
|
|
},
|
|
{
|
|
"version_affected": "!",
|
|
"version_name": "19.1",
|
|
"version_value": "19.1"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "19.2",
|
|
"version_value": "19.2R2"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "19.3",
|
|
"version_value": "19.3R3"
|
|
},
|
|
{
|
|
"version_affected": "!<",
|
|
"version_name": "19.4",
|
|
"version_value": "19.4R2"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Juniper Networks"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"configuration": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A sample configuration of an IRB interface configured for VPLS is shown below:\n\n routing-instances {\n instance1 {\n instance-type vpls;\n routing-interface irb.1234;\n }\n"
|
|
}
|
|
],
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port Concentrators) where Integrated Routing and Bridging (IRB) interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices may cause memory leaks in the MPC of Provider Edge (PE) devices which can cause an out of memory condition and MPC restart. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device> show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of \u201c% NH mem Free\u201d will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines), including MX-MPC1-3D, MX-MPC1E-3D, MX-MPC2-3D, MX-MPC2E-3D, MPC-3D-16XGE, and CHAS-MXxx Series MPCs. No other products or platforms are affected by this issue. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3 versions prior to 17.3R3-S10; 17.4 versions prior to 17.4R3-S3; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R3-S6; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.2 versions prior to 20.2R1-S3, 20.2R2; 20.3 versions prior to 20.3R1-S1,, 20.3R2. This issue does not affect Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R3-S2; 18.1; 18.2 versions prior to 18.2R3-S4; 18.3 versions prior to 18.3R3-S2; 18.4 versions prior to 18.4R3-S1; 19.1; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R2."
|
|
}
|
|
]
|
|
},
|
|
"exploit": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
|
|
}
|
|
],
|
|
"generator": {
|
|
"engine": "Vulnogram 0.0.9"
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "ADJACENT_NETWORK",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 6.5,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"version": "3.1"
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-400 Uncontrolled Resource Consumption"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"url": "https://kb.juniper.net/JSA11148",
|
|
"name": "https://kb.juniper.net/JSA11148"
|
|
}
|
|
]
|
|
},
|
|
"solution": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S10, 17.4R3-S3, 18.2R3-S7, 18.3R3-S4, 18.4R3-S6, 19.2R3-S2, 19.3R3-S1, 19.4R2-S2, 19.4R3, 20.1R2, 20.2R1-S3, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases.\n"
|
|
}
|
|
],
|
|
"source": {
|
|
"advisory": "JSA11148",
|
|
"defect": [
|
|
"1528641"
|
|
],
|
|
"discovery": "USER"
|
|
},
|
|
"work_around": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "There are no viable workarounds for this issue."
|
|
}
|
|
]
|
|
} |