#VU61514 Double Free in Juniper Junos OS - CVE-2021-0271

Cybersecurity Help s.r.o.

Published: 2022-03-22

Vulnerability identifier: #VU61514

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-0271

CWE-ID: CWE-415

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Juniper Junos OS
Operating systems & Components / Operating system

Vendor: Juniper Networks, Inc.

Description

The vulnerability allows a remote attacker to denial of service (DoS) attack.

The vulnerability exists due to a boundary error in the software forwarding interface daemon (sfid) process. A remote attacker on the local network can send a specially crafted ARP packet to the affected device and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

The vulnerability affects Juniper Networks Junos OS on EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series.

Vulnerable software versions

Juniper Junos OS: 12.3R12-S1, 12.3R12-S2, 12.3R12-S3, 12.3R12-S4, 12.3R12-S5, 12.3R12-S6, 12.3R12-S7, 12.3R12-S8, 12.3R12-S9, 12.3R12-S10, 12.3R12-S12, 12.3R12-S13, 12.3R12-S14, 12.3R12-S15, 12.3R12-S16, 12.3, 12.3R10, 12.3R11, 12.3R12, 15.1F2-S1, 15.1F2-S2, 15.1F2-S3, 15.1F2-S4, 15.1F2-S5, 15.1F2-S6, 15.1F2-S7, 15.1F2-S8, 15.1F2-S9, 15.1F2-S10, 15.1F2-S11, 15.1F2-S12, 15.1F2-S13, 15.1F2-S14, 15.1F2-S15, 15.1F2-S16, 15.1F2-S17, 15.1F2-S18, 15.1F2-S19, 15.1F2-S20, 15.1R4-S2, 15.1F4-S2, 15.1R4-S1, 15.1R4-S3, 15.1R4-S4, 15.1R4-S5, 15.1F4-S1-J1, 15.1R4-S6, 15.1R4-S7, 15.1R4-S8, 15.1R4-S9, 15.1R5-S51, 15.1F5-S1, 15.1F5-S2, 15.1F5-S3, 15.1R5-S4, 15.1R5-S5, 15.1R5-S7, 15.1F5-S4, 15.1R5-S52, 15.1R5-S53, 15.1R5-S54, 15.1R5-S55, 15.1R5-S56, 15.1F5-S5, 15.1R5-S57, 15.1R6-S1, 15.1R6-S2, 15.1R6-S3, 15.1R6-S4, 15.1R6-S5, 15.1R6-S6, 15.1F6-S1, 15.1F6-S2, 15.1F6-S3, 15.1F6-S4, 15.1F6-S5, 15.1F6-S6, 15.1F6-S7, 15.1F6-S8, 15.1F6-S9, 15.1F6-S10, 15.1F6-S12, 15.1F6-S13, 15.1R7-S2, 15.1R7-S3, 15.1R7-S4, 15.1R7-S5, 15.1R7-S6, 15.1R7-S7, 15.1F7-S1, 15.1F7-S2, 15.1, 15.1F1, 15.1F, 15.1R1, 15.1R2, 15.1R, 15.1F2, 15.1R3, 15.1F3, 15.1R4, 15.1F4, 15.1F5, 15.1R5, 15.1R6, 15.1F6, 15.1R7, 15.1F7

External links
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11162&cat=SIRT_1&actp=LIST

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Junos OS ARP processing