CVE-2020-1638Use of sizeof() on a Pointer Type in Networks Junos OS

CWE-467Use of sizeof() on a Pointer TypeCWE-20Improper Input Validation4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 39.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Juniper Networks Junos OSJuniper Networks Junos OS EvolvedJuniper Junos+1 more
Timeline
PublishedApr 8
Latest updateMay 24

Description

The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet. Only packets destined to the device itself, successfully reaching the RE through existing edge and control plane filtering, will be able to cause the FPC restart. When this issue occurs, all traffic via the FPC will be dropped. By continuously sending this specific IPv4 packet, an attacker can repeatedly crash the FPC, causing an extended Denial of Service (D

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

CVEListV5juniper_networks/junos_os_evolved19.4-EVO19.4R2-EVO+2
CVEListV5juniper_networks/junos_os19.219.2R1-S4, 19.2R2+2
NVDjuniper/junos_os_evolved19.2, 19.3, 19.4+2
NVDjuniper/junos19.2, 19.3, 19.4+2

🔴Vulnerability Details

2
GHSA
GHSA-rhrx-9f9f-mfxr: The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet2022-05-24
CVEList
Junos OS & Junos OS Evolved: A specific IPv4 packet can lead to FPC restart.2020-04-08

📋Vendor Advisories

1
Juniper
CVE-2020-1638: The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet. Only packet2020-04-08
CVE-2020-1638 — Use of sizeof() on a Pointer Type | cvebase