CVE-2021-0217: Improper Restriction of Operations within the Bounds of a Memory Buffer in Networks Junos OS

Severity: 7.4 HIGH (NVD)
EPSS: 0.1% (top 71.15%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 15; Latest update May 24

Description

A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS with DHCP local/relay server configured may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vulnerability may cause traffic to stop being forwarded, or to crashing of the fxpc process. When Packet DMA heap utilization reaches 99%, the system will become unstable. Packet DMA heap utilization can be mo

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 2.8 | Impact: 4.0

Affected Packages (2 packages)

CVEListV5: juniper_networks/junos_os 17.4, 17.4R3-S3, +10
NVD: juniper/junos, 11 versions, +10

🔴 Vulnerability Details (2)

GHSA (2022-05-24): GHSA-vwcx-7w56-22rq: A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS wit
CVEList (2021-01-15): Junos OS: EX Series and QFX Series: Memory leak issue processing specific DHCP packets

📋 Vendor Advisories (1)

Juniper (2021-01-15): CVE-2021-0217: A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS wit