Main Vulnerability Database Vulnerabilities #VU82433

Memory leak in Juniper Junos OS - CVE-2020-1603

Published: January 3, 2020 / Updated: October 26, 2023

Vulnerability identifier: #VU82433

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-1603

CWE-ID: CWE-401

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Juniper Networks, Inc.

Affected software:
Juniper Junos OS

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to a crash the entire system.

Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE.

How to mitigate CVE-2020-1603

Install updates from vendor's website.

Sources

https://supportportal.juniper.net/s/article/2020-01-Security-Bulletin-Junos-OS-Improper-handling-of-specific-IPv6-packets-sent-by-clients-eventually-kernel-crash-vmcore-the-device-CVE-2020-1603

Memory leak in Juniper Junos OS - CVE-2020-1603

Detailed vulnerability description

How to mitigate CVE-2020-1603

Sources

Please verify you're human