Lucene search

[email protected]CVE-2018-0022

HistoryApr 11, 2018 - 7:29 p.m.

CVE-2018-0022

2018-04-1119:29:00

CWE-400

[email protected]

web.nvd.nist.gov

junos

vpls

mbuf leak

security vulnerability

routing instances

juniper networks

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.4%

JSON

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number of mbufs that are currently in use and maximum number of mbufs that can be allocated on a platform: > show system buffers 2437/3143/5580 mbufs in use (current/cache/total) Once the device runs out of mbufs it will become inaccessible and a restart will be required. This issue only affects end devices, transit devices are not affected. Affected releases are Juniper Networks Junos OS with VPLS configured running: 12.1X46 versions prior to 12.1X46-D76; 12.3X48 versions prior to 12.3X48-D66, 12.3X48-D70; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D47; 14.2 versions prior to 14.2R8; 15.1 versions prior to 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7; 15.1X49 versions prior to 15.1X49-D131, 15.1X49-D140; 15.1X53 versions prior to 15.1X53-D58 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471 on NFX; 15.1X53 versions prior to 15.1X53-D66 on QFX10; 16.1 versions prior to 16.1R3-S8, 16.1R4-S6, 16.1R5; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R1-S5, 17.2R2.

Affected configurations

NVD

Node

juniperjunosMatch15.1x49

juniperjunosMatch15.1x49d10

juniperjunosMatch15.1x49d100

juniperjunosMatch15.1x49d110

juniperjunosMatch15.1x49d120

juniperjunosMatch15.1x49d130

juniperjunosMatch15.1x49d20

juniperjunosMatch15.1x49d30

juniperjunosMatch15.1x49d35

juniperjunosMatch15.1x49d40

juniperjunosMatch15.1x49d45

juniperjunosMatch15.1x49d50

juniperjunosMatch15.1x49d55

juniperjunosMatch15.1x49d60

juniperjunosMatch15.1x49d65

juniperjunosMatch15.1x49d70

juniperjunosMatch15.1x49d75

juniperjunosMatch15.1x49d80

juniperjunosMatch15.1x49d90

Node

juniperjunosMatch14.1

juniperjunosMatch14.1r1

juniperjunosMatch14.1r2

juniperjunosMatch14.1r3

juniperjunosMatch14.1r4

juniperjunosMatch14.1r5

juniperjunosMatch14.1r6

juniperjunosMatch14.1r7

juniperjunosMatch14.1r8

Node

juniperjunosMatch14.1x53

juniperjunosMatch14.1x53d15

juniperjunosMatch14.1x53d16

juniperjunosMatch14.1x53d25

juniperjunosMatch14.1x53d26

juniperjunosMatch14.1x53d27

juniperjunosMatch14.1x53d30

juniperjunosMatch14.1x53d35

juniperjunosMatch14.1x53d40

juniperjunosMatch14.1x53d42

juniperjunosMatch14.1x53d43

juniperjunosMatch14.1x53d44

juniperjunosMatch14.1x53d45

juniperjunosMatch14.1x53d46

Node

juniperjunosMatch15.1x53

juniperjunosMatch15.1x53d10

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

juniperjunosMatch15.1x53d30

juniperjunosMatch15.1x53d32

juniperjunosMatch15.1x53d33

juniperjunosMatch15.1x53d34

juniperjunosMatch15.1x53d50

juniperjunosMatch15.1x53d51

juniperjunosMatch15.1x53d52

juniperjunosMatch15.1x53d55

juniperjunosMatch15.1x53d57

AND

juniperex2300Match-

juniperex3400Match-

Node

juniperjunosMatch16.1r1

juniperjunosMatch16.1r2

juniperjunosMatch16.1r3

juniperjunosMatch16.1r4

juniperjunosMatch16.1r5

Node

juniperjunosMatch16.2r1

juniperjunosMatch16.2r2

juniperjunosMatch16.2r3

Node

juniperjunosMatch17.1r1

juniperjunosMatch17.1r2

juniperjunosMatch17.1r3

Node

juniperjunosMatch15.1

juniperjunosMatch15.1r1

juniperjunosMatch15.1r2

juniperjunosMatch15.1r3

juniperjunosMatch15.1r4

juniperjunosMatch15.1r6

Node

juniperjunosMatch12.1x46

juniperjunosMatch12.1x46d10

juniperjunosMatch12.1x46d15

juniperjunosMatch12.1x46d20

juniperjunosMatch12.1x46d25

juniperjunosMatch12.1x46d30

juniperjunosMatch12.1x46d35

juniperjunosMatch12.1x46d40

juniperjunosMatch12.1x46d45

juniperjunosMatch12.1x46d50

juniperjunosMatch12.1x46d55

juniperjunosMatch12.1x46d60

juniperjunosMatch12.1x46d65

Node

juniperjunosMatch12.3x48

juniperjunosMatch12.3x48d10

juniperjunosMatch12.3x48d15

juniperjunosMatch12.3x48d20

juniperjunosMatch12.3x48d25

juniperjunosMatch12.3x48d30

juniperjunosMatch12.3x48d35

juniperjunosMatch12.3x48d40

juniperjunosMatch12.3x48d45

juniperjunosMatch12.3x48d50

juniperjunosMatch12.3x48d55

juniperjunosMatch12.3x48d60

juniperjunosMatch12.3x48d65

Node

juniperjunosMatch14.2

juniperjunosMatch14.2r1

juniperjunosMatch14.2r2

juniperjunosMatch14.2r3

juniperjunosMatch14.2r4

juniperjunosMatch14.2r5

juniperjunosMatch14.2r6

juniperjunosMatch14.2r7

Node

juniperjunosMatch15.1

juniperjunosMatch15.1f1

juniperjunosMatch15.1f2

juniperjunosMatch15.1f3

juniperjunosMatch15.1f4

juniperjunosMatch15.1f6

Node

juniperjunosMatch15.1x53

juniperjunosMatch15.1x53d10

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

juniperjunosMatch15.1x53d210

juniperjunosMatch15.1x53d230

juniperjunosMatch15.1x53d231

juniperjunosMatch15.1x53d232

juniperjunosMatch15.1x53d30

juniperjunosMatch15.1x53d32

juniperjunosMatch15.1x53d33

juniperjunosMatch15.1x53d34

juniperjunosMatch15.1x53d50

juniperjunosMatch15.1x53d51

juniperjunosMatch15.1x53d52

juniperjunosMatch15.1x53d55

juniperjunosMatch15.1x53d57

juniperjunosMatch15.1x53d58

juniperjunosMatch15.1x53d60

juniperjunosMatch15.1x53d61

juniperjunosMatch15.1x53d62

juniperjunosMatch15.1x53d63

juniperjunosMatch15.1x53d64

juniperjunosMatch15.1x53d65

juniperjunosMatch15.1x53d66

AND

juniperqfx5110Match-

juniperqfx5200Match-

Node

juniperjunosMatch15.1x53

juniperjunosMatch15.1x53d10

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

juniperjunosMatch15.1x53d210

juniperjunosMatch15.1x53d230

juniperjunosMatch15.1x53d231

juniperjunosMatch15.1x53d232

juniperjunosMatch15.1x53d233

juniperjunosMatch15.1x53d30

juniperjunosMatch15.1x53d32

juniperjunosMatch15.1x53d33

juniperjunosMatch15.1x53d34

juniperjunosMatch15.1x53d470

juniperjunosMatch15.1x53d50

juniperjunosMatch15.1x53d51

juniperjunosMatch15.1x53d52

juniperjunosMatch15.1x53d55

juniperjunosMatch15.1x53d57

juniperjunosMatch15.1x53d58

juniperjunosMatch15.1x53d60

juniperjunosMatch15.1x53d61

juniperjunosMatch15.1x53d62

juniperjunosMatch15.1x53d63

juniperjunosMatch15.1x53d64

juniperjunosMatch15.1x53d65

juniperjunosMatch15.1x53d66

AND

junipernfx150Match-

junipernfx250Match-

Node

juniperjunosMatch15.1x53

juniperjunosMatch15.1x53d10

juniperjunosMatch15.1x53d20

juniperjunosMatch15.1x53d21

juniperjunosMatch15.1x53d30

juniperjunosMatch15.1x53d32

juniperjunosMatch15.1x53d33

juniperjunosMatch15.1x53d34

juniperjunosMatch15.1x53d50

juniperjunosMatch15.1x53d51

juniperjunosMatch15.1x53d52

juniperjunosMatch15.1x53d55

juniperjunosMatch15.1x53d57

AND

juniperqfx10Match-

Node

juniperjunosMatch17.2r1

juniperjunosMatch17.2r2

CPENameOperatorVersion
juniper:junosjuniper junoseq15.1x49

CPE	Name	Operator	Version
juniper:junos	juniper junos	eq	15.1x49

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "12.1X46-D76",
        "status": "affected",
        "version": "12.1X46",
        "versionType": "custom"
      },
      {
        "lessThan": "12.3X48-D66, 12.3X48-D70",
        "status": "affected",
        "version": "12.3X48",
        "versionType": "custom"
      },
      {
        "lessThan": "14.1R9",
        "status": "affected",
        "version": "14.1",
        "versionType": "custom"
      },
      {
        "lessThan": "14.1X53-D47",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "14.2R8",
        "status": "affected",
        "version": "14.2",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X49-D131, 15.1X49-D140",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R3-S8, 16.1R4-S6, 16.1R5",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R1-S6, 16.2R2-S5, 16.2R3",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R1-S7, 17.1R2-S6, 17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R1-S5, 17.2R2",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "EX2300/EX3400"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D58",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX5200/QFX5110"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D233",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "NFX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D471",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX10"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D66",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securityfocus.com/bid/103740

www.securitytracker.com/id/1040790

kb.juniper.net/JSA10855

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.4%

JSON

Related for CVE-2018-0022

nvd1 nessus1 prion1 cvelist1 cisa1