SB2021071526 - Denial of service in Junos OS Ethernet interface frame processing
Published: July 15, 2021
Security Bulletin ID
SB2021071526
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper Check or Handling of Exceptional Conditions (CVE-ID: CVE-2021-0290)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of exceptional conditions in Ethernet interface frame processing. A remote attacker on the local network can send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition.
This issue is platform-specific and affects the following platforms and line cards:
- MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020
- MX204, MX10003, MX10008, MX10016
- EX9200, EX9251
- SRX4600
Remediation
Install update from vendor's website.