Input validation

2023-10-1300:15:00

PRIOn knowledge base

www.prio-n.com

juniper networks

junos os

local attacker

fpc crash

denial of service

vulnerability

memory release

dos

packet forwarding engine

mx series

mpc

vpls

ldp command

nvd

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS).

On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can lead to sustained Denial of Service condition.

This issue affects:

Juniper Networks Junos OS on MX Series:

All versions prior to 20.4R3-S7;
21.1 versions prior to 21.1R3-S5;
21.2 versions prior to 21.2R3-S4;
21.3 versions prior to 21.3R3-S4;
21.4 versions prior to 21.4R3-S3;
22.1 versions prior to 22.1R3-S1;
22.2 versions prior to 22.2R2-S1, 22.2R3;
22.3 versions prior to 22.3R1-S2, 22.3R2.

CPENameOperatorVersion
junoslt20.4
junoseq20.4
junoseq20.4
junoseq20.4
junoseq20.4 r1
junoseq20.4
junoseq20.4 r2
junoseq20.4
junoseq20.4 r3
junoseq20.4