CVE-2021-31383

Published: Oct 19, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: sirt@juniper.net (Secondary)

Description

In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.

Affected (69)

Products: Juniper: Junos, Junos Os Evolved

Juniper

2 products

Junos

Junos Os Evolved

Configuration A

69 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos	Version 19.2
Juniper Junos	Version 19.2 r1-s1
Juniper Junos	Version 19.2 r1-s2
Juniper Junos	Version 19.2 r1-s3
Juniper Junos	Version 19.2 r1-s4
Juniper Junos	Version 19.2 r1-s5
Juniper Junos	Version 19.2 r1-s6
Juniper Junos	Version 19.2 r1
Juniper Junos	Version 19.2 r2-s1
Juniper Junos	Version 19.2 r2
Juniper Junos	Version 19.2 r3-s1
Juniper Junos	Version 19.2 r3
Juniper Junos	Version 19.3
Juniper Junos	Version 19.3 r1-s1
Juniper Junos	Version 19.3 r1
Juniper Junos	Version 19.3 r2-s1
Juniper Junos	Version 19.3 r2-s2
Juniper Junos	Version 19.3 r2-s3
Juniper Junos	Version 19.3 r2-s4
Juniper Junos	Version 19.3 r2-s5
Juniper Junos	Version 19.3 r2
Juniper Junos	Version 19.3 r3-s1
Juniper Junos	Version 19.3 r3
Juniper Junos	Version 19.4 r1-s1
Juniper Junos	Version 19.4 r1-s2
Juniper Junos	Version 19.4 r1-s3
Juniper Junos	Version 19.4 r1
Juniper Junos	Version 19.4 r2-s1
Juniper Junos	Version 19.4 r2-s2
Juniper Junos	Version 19.4 r2-s3
Juniper Junos	Version 19.4 r2
Juniper Junos	Version 19.4 r3-s1
Juniper Junos	Version 19.4 r3-s2
Juniper Junos	Version 19.4 r3
Juniper Junos	Version 20.1 r1-s1
Juniper Junos	Version 20.1 r1-s2
Juniper Junos	Version 20.1 r1-s3
Juniper Junos	Version 20.1 r1-s4
Juniper Junos	Version 20.1 r1
Juniper Junos	Version 20.1 r2-s1
Juniper Junos	Version 20.1 r2
Juniper Junos	Version 20.2 r1-s1
Juniper Junos	Version 20.2 r1-s2
Juniper Junos	Version 20.2 r1-s3
Juniper Junos	Version 20.2 r1
Juniper Junos	Version 20.2 r2-s1
Juniper Junos	Version 20.2 r2-s2
Juniper Junos	Version 20.2 r2
Juniper Junos	Version 20.3 r1-s1
Juniper Junos	Version 20.3 r1
Juniper Junos Os Evolved	Version 20.1
Juniper Junos Os Evolved	Version 20.1 r1-s1
Juniper Junos Os Evolved	Version 20.1 r1
Juniper Junos Os Evolved	Version 20.1 r2-s1
Juniper Junos Os Evolved	Version 20.1 r2-s2
Juniper Junos Os Evolved	Version 20.1 r2-s3
Juniper Junos Os Evolved	Version 20.1 r2-s4
Juniper Junos Os Evolved	Version 20.1 r2-s5
Juniper Junos Os Evolved	Version 20.1 r2
Juniper Junos Os Evolved	Version 20.2
Juniper Junos Os Evolved	Version 20.2 r1-s1
Juniper Junos Os Evolved	Version 20.2 r1
Juniper Junos Os Evolved	Version 20.2 r2-s1
Juniper Junos Os Evolved	Version 20.2 r2
Juniper Junos Os Evolved	Version 20.3
Juniper Junos Os Evolved	Version 20.3 r1-s1
Juniper Junos Os Evolved	Version 20.3 r1-s2
Juniper Junos Os Evolved	Version 20.3 r1-s3
Juniper Junos Os Evolved	Version 20.3 r1

Related CWEs

CWE-121

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://kb.juniper.net/JSA11251

Source: sirt@juniper.net

Vendor Advisory

https://kb.juniper.net/JSA11251

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.