-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.3736
JSA11080 - 2020-10 Security Bulletin: Junos OS: Memory leak leads to kernel
crash (vmcore) due to SNMP polling (CVE-2020-1683)
29 October 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Junos OS
Publisher: Juniper Networks
Operating System: Juniper
Impact/Access: Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-1683
Original Bulletin:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11080
- --------------------------BEGIN INCLUDED TEXT--------------------
2020-10 Security Bulletin: Junos OS: Memory leak leads to kernel crash (vmcore) due to SNMP polling (CVE-2020-1683)
Article ID : JSA11080
Last Updated: 28 Oct 2020
Version : 2.0
Product Affected:
This issue affects Junos OS 17.4, 18.1, 18.2, 18.2X75, 18.3, 18.4, 19.1, 19.2,
19.3, 19.4.
Problem:
On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory
leak which over time leads to a kernel crash (vmcore).
Prior to the kernel crash other processes might be impacted, such as failure to
establish SSH connection to the device.
The administrator can monitor the output of the following command to check if
there is memory leak caused by this issue:
user@device> show system virtual-memory | match "pfe_ipc|kmem"
pfe_ipc 147 5K - 164352 16,32,64,8192
The post ESB-2020.3736 – [Juniper] Junos OS: Denial of service – Remote/unauthenticated appeared first on Malware Devil.
https://malwaredevil.com/2020/10/29/esb-2020-3736-juniper-junos-os-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-3736-juniper-junos-os-denial-of-service-remote-unauthenticated
No comments:
Post a Comment