#VU11849 Memory leak in Juniper Junos OS - CVE-2018-0022
Published: April 17, 2018
Vulnerability identifier: #VU11849
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0022
CWE-ID: CWE-401
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Juniper Junos OS
Juniper Junos OS
Software vendor:
Juniper Networks, Inc.
Juniper Networks, Inc.
Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number of mbufs that are currently in use and maximum number of mbufs that can be allocated on a platform:
The weakness exists due to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number of mbufs that are currently in use and maximum number of mbufs that can be allocated on a platform:
> show system buffers
2437/3143/5580 mbufs in use (current/cache/total)
Once the device runs out of mbufs a remote attacker can cause the service to crash.Remediation
Update to versions 12.1X46-D76, 12.3X48-D66, 12.3X48-D70, 14.1R9, 14.1X53-D47, 14.2R8, 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7, 15.1X49-D131, 15.1X49-D140, 15.1X53-D233, 15.1X53-D471, 15.1X53-D58, 15.1X53-D66, 16.1R3-S8, 16.1R4-S6, 16.1R5, 16.2R1-S6, 16.2R2-S5, 16.2R3, 17.1R1-S7, 17.1R2-S6, 17.1R3, 17.2R1-S5, 17.2R2, 17.3R1 or later.