CVE-2021-0270Race Condition in Networks Junos OS

CWE-362Race ConditionCWE-416Use After Free4 documents4 sources
Severity
5.9MEDIUMNVD
CNA7.5
EPSS
0.3%
top 43.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 22
Latest updateMay 24

Description

On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) microkernel architecture of Juniper Networks Junos OS may allow an attacker to cause a Denial of Service (DoS) condition whereby one or more Flexible PIC Concentrators (FPCs) may restart. As this is a race condition situation this issue become more likely to be hit when network instability occurs, such as but not limited to BGP/IGP reconvergences, and/o

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os18.1R218.1*
NVDjuniper/junos18.1

🔴Vulnerability Details

2
GHSA
GHSA-4633-w3xc-3953: On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) micro2022-05-24
CVEList
Junos OS: PTX Series, QFX10K Series: A PTX/QFX FPC may restart unexpectedly with the "inline-Jflow" feature enabled on a large-scale deployment2021-04-22

📋Vendor Advisories

1
Juniper
CVE-2021-0270: On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) micro2021-04-22
CVE-2021-0270 — Race Condition in Networks Junos OS | cvebase