CVE-2021-0254Incorrect Calculation of Buffer Size in Networks Junos OS

CWE-131Incorrect Calculation of Buffer SizeCWE-787Out-of-bounds Write5 documents5 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 29.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 22
Latest updateMay 24

Description

A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service (DoS) condition, or leading to remote code execution (RCE). Continued receipt and processing of these packets will sustain the partial DoS. The overlayd daemon handles Overlay OAM packets, such as ping and traceroute, sent to the overlay. The service runs as root by default

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5juniper_networks/junos_os15.115.1R7-S9+13
NVDjuniper/junos14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-fc54-68cq-7qg9: A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send speci2022-05-24
CVEList
Junos OS: Remote code execution vulnerability in overlayd service2021-04-22

📋Vendor Advisories

2
Oracle
Oracle Oracle Fusion Middleware Risk Matrix: Third Party Tools (Apache Standard Taglibs) — CVE-2015-02542021-07-15
Juniper
CVE-2021-0254: A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send speci2021-04-22
CVE-2021-0254 — Incorrect Calculation of Buffer Size | cvebase