Malware Devil

Monday, April 19, 2021

ESB-2021.1304 – [Juniper] Junos OS: EX4300: Denial of service – Remote/unauthenticated


===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.1304
  JSA11135 - 2021-04 Security Bulletin: Junos OS: EX4300: FPC crash upon
receipt of specific frames on an interface without L2PT or dot1x configured
                               19 April 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Junos OS: EX4300
Publisher:         Juniper Networks
Operating System:  Juniper
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-0242  

Original Bulletin: 
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11135

--------------------------BEGIN INCLUDED TEXT--------------------

2021-04 Security Bulletin: Junos OS: EX4300: FPC crash upon receipt of specific frames
on an interface without L2PT or dot1x configured (CVE-2021-0242)

Article ID  : JSA11135
Last Updated: 16 Apr 2021
Version     : 2.0

Product Affected:
This issue affects Junos OS 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2,
19.3, 19.4, 20.1, 20.2, 20.3. Affected platforms: EX4300.

Problem:

A vulnerability due to the improper handling of direct memory access (DMA)
buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker
sending specific unicast frames to trigger a Denial of Service (DoS) condition
by exhausting DMA buffers, causing the FPC to crash and the device to restart.
The DMA buffer leak is seen when receiving these specific, valid unicast frames
on an interface without Layer 2 Protocol Tunneling (L2PT) or dot1x configured.
Interfaces with either L2PT or dot1x configured are not vulnerable to this
issue.

When this issue occurs, DMA buffer usage keeps increasing and the following
error log messages may be observed:

Apr 14 14:29:34.360 /kernel: pid 64476 (pfex_junos), uid 0: exited on signal 11 (core dumped)
Apr 14 14:29:33.790 init: pfe-manager (PID 64476) terminated by signal number 11. Core dumped!

The DMA buffers on the FPC can be monitored by executing the vty command
'show heap':

ID  Base      Total(b)   Free(b)    Used(b)   %   Name
--  --------  ---------  ---------  --------  --  -------
0   4a46000   268435456  238230496  30204960  11  Kernel
1   18a46000  67108864   17618536   49490328  73  Bcm_sdk
2   23737000  117440512  18414552   99025960  84  DMA buf
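
A monitoring sketch for the two indicators described above, added here as an example and not part of the Juniper or AusCERT bulletin: it parses successive 'show heap' captures to flag steadily rising "DMA buf" usage, and matches the quoted pfex_junos crash messages in syslog text. The function names, the 80% threshold and the first two heap samples are assumptions made for illustration; collecting the output from the switch is left out.

```python
import re

# One row of the FPC 'show heap' table: ID Base Total(b) Free(b) Used(b) % Name
HEAP_ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(.+?)\s*$", re.I)
# Crash signatures taken from the two log messages quoted in the bulletin.
CRASH = re.compile(r"\(pfex_junos\), uid \d+: exited on signal 11\b|"
                   r"pfe-manager \(PID \d+\) terminated by signal number\s+11\b")

def parse_show_heap(text):
    """Map heap name -> total/free/used bytes and percent used."""
    heaps = {}
    for line in text.splitlines():
        m = HEAP_ROW.match(line)
        if m:  # header and separator rows do not match and are skipped
            total, free, used, pct = (int(m.group(i)) for i in (3, 4, 5, 6))
            heaps[m.group(7)] = dict(total=total, free=free, used=used, pct=pct)
    return heaps

def dma_leak_suspected(samples, heap="DMA buf", pct_limit=80):
    """True if used bytes rise in every successive sample and the latest
    sample is at or above pct_limit (assumed threshold, not from the bulletin)."""
    rows = [parse_show_heap(s)[heap] for s in samples]
    used = [r["used"] for r in rows]
    rising = len(used) >= 2 and all(b > a for a, b in zip(used, used[1:]))
    return rising and rows[-1]["pct"] >= pct_limit

def fpc_crash_events(log_text):
    """Return the crash signatures found in syslog text."""
    return CRASH.findall(log_text)

def _sample(free, used, pct):
    # Constructed 'show heap' output; only the DMA buf row varies.
    return ("ID Base Total(b) Free(b) Used(b) % Name\n"
            "-- ---------- ----------- ----------- ----------- --- -----------\n"
            "0 4a46000 268435456 238230496 30204960 11 Kernel\n"
            f"2 23737000 117440512 {free} {used} {pct} DMA buf\n")

# First two samples are constructed; the last uses the bulletin's values.
SAMPLES = [_sample(46976205, 70464307, 60), _sample(32440512, 85000000, 72),
           _sample(18414552, 99025960, 84)]
SAMPLE_LOG = (  # the two messages quoted in the bulletin
    "Apr 14 14:29:34.360 /kernel: pid 64476 (pfex_junos), uid 0: exited on signal 11 (core dumped)\n"
    "Apr 14 14:29:33.790 init: pfe-manager (PID 64476) terminated by signal number 11. Core dumped!\n")

if __name__ == "__main__":
    print("DMA leak suspected:", dma_leak_suspected(SAMPLES))
    print("crash events:", len(fpc_crash_events(SAMPLE_LOG)))
```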
