CVE-2020-1653Improper Handling of Invalid Use of Special Elements in Networks Junos OS

CWE-159Improper Handling of Invalid Use of Special ElementsCWE-772Missing Release of Resource after Effective Lifetime4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 35.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJul 17
Latest updateMay 24

Description

On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause mbuf leak which can lead to Flexible PIC Concentrator (FPC) crash or the system to crash and restart (vmcore). This issue can be trigged by IPv4 or IPv6 and it is caused only by TCP packets. This issue is not related to any specific configuration and it affects Junos OS releases starting from 17.4R1. However, this issue does not affect Junos OS releases prior to 18.2R1 when Nonstop active rout

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os17.417.4R2-S11, 17.4R3-S2+9
NVDjuniper/junos10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-q694-5rvh-m24r: On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause mbuf leak which can lead to Flexible PIC Conce2022-05-24
CVEList
Junos OS: Kernel crash (vmcore) or FPC crash due to mbuf leak2020-07-17

📋Vendor Advisories

1
Juniper
CVE-2020-1653: On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause mbuf leak which can lead to Flexible PIC Conce2020-07-17
CVE-2020-1653 — Juniper Networks Junos OS vulnerability | cvebase