CVE-2021-0272
Summary
| CVE | CVE-2021-0272 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-04-22 20:15:00 UTC |
| Updated | 2021-05-04 20:28:00 UTC |
| Description | A kernel memory leak in QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016 devices Flexible PIC Concentrators (FPCs) on Juniper Networks Junos OS allows an attacker to send genuine packets destined to the device to cause a Denial of Service (DoS) to the device. On QFX10002-32Q, QFX10002-60C, QFX10002-72Q devices the device will crash and restart. On QFX10008, QFX10016 devices, depending on the number of FPCs involved in an attack, one more more FPCs may crash and traffic through the device may be degraded in other ways, until the attack traffic stops. A reboot is required to restore service and clear the kernel memory. Continued receipt and processing of these genuine packets will create a sustained Denial of Service (DoS) condition. On QFX10008, QFX10016 devices, an indicator of compromise may be the existence of DCPFE core files. You can also monitor PFE memory utilization for incremental growth: user@qfx-RE:0% cprod -A fpc0 -c "show heap 0" | grep -i ke 0 3788a1b0 3221225048 2417120656 804104392 24 Kernel user@qfx-RE:0% cprod -A fpc0 -c "show heap 0" | grep -i ke 0 3788a1b0 3221225048 2332332200 888892848 27 Kernel This issue affects: Juniper Networks Junos OS on QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: 16.1 versions 16.1R1 and above prior to 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R3-S2; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2. This issue does not affect releases prior to Junos OS 16.1R1. This issue does not affect EX Series devices. This issue does not affect Junos OS Evolved. |
Risk And Classification
Problem Types: CWE-401
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Juniper | Junos | 16.1 | r1 | All | All |
| Operating System | Juniper | Junos | 16.1 | r2 | All | All |
| Operating System | Juniper | Junos | 16.1 | r3 | All | All |
| Operating System | Juniper | Junos | 16.1 | r3-s10 | All | All |
| Operating System | Juniper | Junos | 16.1 | r3-s11 | All | All |
| Operating System | Juniper | Junos | 16.1 | r3-s8 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4-s12 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4-s2 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4-s3 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4-s4 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4-s6 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4-s8 | All | All |
| Operating System | Juniper | Junos | 16.1 | r4-s9 | All | All |
| Operating System | Juniper | Junos | 16.1 | r5 | All | All |
| Operating System | Juniper | Junos | 16.1 | r5-s4 | All | All |
| Operating System | Juniper | Junos | 16.1 | r6 | All | All |
| Operating System | Juniper | Junos | 16.1 | r6-s1 | All | All |
| Operating System | Juniper | Junos | 16.1 | r6-s3 | All | All |
| Operating System | Juniper | Junos | 16.1 | r6-s4 | All | All |
| Operating System | Juniper | Junos | 16.1 | r6-s6 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7-s2 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7-s3 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7-s4 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7-s5 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7-s6 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7-s7 | All | All |
| Operating System | Juniper | Junos | 16.1 | r7-s8 | All | All |
| Operating System | Juniper | Junos | 16.2 | - | All | All |
| Operating System | Juniper | Junos | 16.2 | r1 | All | All |
| Operating System | Juniper | Junos | 16.2 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s10 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s6 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s7 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s8 | All | All |
| Operating System | Juniper | Junos | 16.2 | r2-s9 | All | All |
| Operating System | Juniper | Junos | 16.2 | r3 | All | All |
| Operating System | Juniper | Junos | 17.1 | - | All | All |
| Operating System | Juniper | Junos | 17.1 | r1 | All | All |
| Operating System | Juniper | Junos | 17.1 | r1-s7 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s10 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s11 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s6 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s7 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s8 | All | All |
| Operating System | Juniper | Junos | 17.1 | r2-s9 | All | All |
| Operating System | Juniper | Junos | 17.1 | r3 | All | All |
| Operating System | Juniper | Junos | 17.1 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 17.1 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 17.2 | - | All | All |
| Operating System | Juniper | Junos | 17.2 | r1 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s7 | All | All |
| Operating System | Juniper | Junos | 17.2 | r1-s8 | All | All |
| Operating System | Juniper | Junos | 17.2 | r2 | All | All |
| Operating System | Juniper | Junos | 17.2 | r2-s11 | All | All |
| Operating System | Juniper | Junos | 17.2 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 17.2 | r2-s6 | All | All |
| Operating System | Juniper | Junos | 17.2 | r2-s7 | All | All |
| Operating System | Juniper | Junos | 17.2 | r3 | All | All |
| Operating System | Juniper | Junos | 17.2 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 17.2 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 17.2 | r3-s3 | All | All |
| Operating System | Juniper | Junos | 17.2 | r3-s4 | All | All |
| Operating System | Juniper | Junos | 17.3 | - | All | All |
| Operating System | Juniper | Junos | 17.3 | r1 | All | All |
| Operating System | Juniper | Junos | 17.3 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 17.3 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 17.3 | r2 | All | All |
| Operating System | Juniper | Junos | 17.3 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 17.3 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 17.3 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 17.3 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 17.3 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3 | - | All |
| Operating System | Juniper | Junos | 17.3 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s10 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s3 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s4 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s5 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s6 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s7 | All | All |
| Operating System | Juniper | Junos | 17.3 | r3-s8 | All | All |
| Operating System | Juniper | Junos | 17.4 | - | All | All |
| Operating System | Juniper | Junos | 17.4 | r1 | All | All |
| Operating System | Juniper | Junos | 17.4 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 17.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 17.4 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 17.4 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 17.4 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 17.4 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 17.4 | r1-s7 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s10 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s11 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s6 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s7 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s8 | All | All |
| Operating System | Juniper | Junos | 17.4 | r2-s9 | All | All |
| Operating System | Juniper | Junos | 17.4 | r3 | All | All |
| Operating System | Juniper | Junos | 17.4 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 18.1 | - | All | All |
| Operating System | Juniper | Junos | 18.1 | r1 | All | All |
| Operating System | Juniper | Junos | 18.1 | r2 | All | All |
| Operating System | Juniper | Junos | 18.1 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 18.1 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 18.1 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s10 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s3 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s4 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s5 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s6 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s7 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s8 | All | All |
| Operating System | Juniper | Junos | 18.1 | r3-s9 | All | All |
| Operating System | Juniper | Junos | 18.2 | - | All | All |
| Operating System | Juniper | Junos | 18.2 | r1 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s6 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s7 | All | All |
| Operating System | Juniper | Junos | 18.2 | r3 | All | All |
| Operating System | Juniper | Junos | 18.2 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 18.2 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 18.2 | r3-s3 | All | All |
| Operating System | Juniper | Junos | 18.2 | r3-s4 | All | All |
| Operating System | Juniper | Junos | 18.3 | - | All | All |
| Operating System | Juniper | Junos | 18.3 | r1 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 18.3 | r3 | All | All |
| Operating System | Juniper | Junos | 18.3 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 18.3 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 18.4 | - | All | All |
| Operating System | Juniper | Junos | 18.4 | r1 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s7 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 18.4 | r3 | All | All |
| Operating System | Juniper | Junos | 18.4 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 18.4 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 18.4 | r3-s3 | All | All |
| Operating System | Juniper | Junos | 19.1 | - | All | All |
| Operating System | Juniper | Junos | 19.1 | r1 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 19.1 | r2 | All | All |
| Operating System | Juniper | Junos | 19.1 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 19.1 | r3 | All | All |
| Operating System | Juniper | Junos | 19.1 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 19.2 | - | All | All |
| Operating System | Juniper | Junos | 19.2 | r1 | All | All |
| Operating System | Juniper | Junos | 19.2 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 19.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 19.2 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 19.2 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 19.2 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 19.2 | r2 | All | All |
| Operating System | Juniper | Junos | 19.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 19.3 | - | All | All |
| Operating System | Juniper | Junos | 19.3 | r1 | All | All |
| Operating System | Juniper | Junos | 19.3 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 19.3 | r2 | All | All |
| Operating System | Juniper | Junos | 19.3 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 19.3 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 19.3 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 19.3 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 19.3 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 19.4 | r1 | All | All |
| Operating System | Juniper | Junos | 19.4 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 19.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 19.4 | r2 | All | All |
| Operating System | Juniper | Junos | 19.4 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 19.4 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 19.4 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 20.1 | r1 | All | All |
| Operating System | Juniper | Junos | 20.1 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 20.1 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 20.1 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 20.1 | r1-s4 | All | All |
| Hardware | Juniper | Qfx10002-32q | - | All | All | All |
| Hardware | Juniper | Qfx10002-60c | - | All | All | All |
| Hardware | Juniper | Qfx10002-72q | - | All | All | All |
| Hardware | Juniper | Qfx10008 | - | All | All | All |
| Hardware | Juniper | Qfx10016 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 2021-04 Security Bulletin: Junos OS: QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: In EVPN-VXLAN scenarios receipt of specific genuine packets by an adjacent attacker will cause a kernel memory leak in FPC. (CVE-2021-0272) - Juniper Networks | MISC | kb.juniper.net | |
| [QFX] EVPN VXLAN configuration knobs and caveats - Juniper Networks | MISC | kb.juniper.net | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.