===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.1265
  JSA11148 - 2021-04 Security Bulletin: Junos OS: MX Series, EX9200 Series:
  Trio-based MPCs memory leak in VPLS with integrated routing and bridging
                              (IRB) interface
                               15 April 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Junos OS: MX Series
                   Junos OS: EX9200 Series
Publisher:         Juniper Networks
Operating System:  Juniper
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-0257

Original Bulletin:
   http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11148

--------------------------BEGIN INCLUDED TEXT--------------------

2021-04 Security Bulletin: Junos OS: MX Series, EX9200 Series: Trio-based
MPCs memory leak in VPLS with integrated routing and bridging (IRB)
interface (CVE-2021-0257)

Article ID  : JSA11148
Last Updated: 14 Apr 2021
Version     : 2.0

Product Affected:

This issue affects Junos OS 17.3, 17.4, 18.2, 18.3, 18.4, 19.2, 19.3, 19.4,
20.1, 20.2, 20.3. Affected platforms: EX9200 Series, MX Series.

Problem:

On Juniper Networks MX Series and EX9200 Series platforms with Trio-based
MPCs (Modular Port Concentrators) where Integrated Routing and Bridging
(IRB) interfaces are configured and mapped to a VPLS instance or a
Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices
may cause memory leaks in the MPC of Provider Edge (PE) devices which can
cause an out of memory condition and MPC restart. When this issue occurs,
there will be temporary traffic interruption until the MPC is restored.

An administrator can use the following CLI command to monitor the status of
memory usage level of the MPC:

    user@device> show system resource-monitor fpc
    FPC Resource Usage Summary

    Free Heap Mem Watermark   : 20 %
    Free NH Mem Watermark     : 20 %
    Free Filter Mem Watermark : 20 %

    * - Watermark reached

    Slot #   % Heap Free   RTT   Average RTT
      1          87
             PFE #   % ENCAP mem Free   % NH mem Free   % FW mem Free
               0         NA                 88              99
               1         NA                 89              99

When the issue is occurring, the value of "% NH mem Free" will go down until
the MPC restarts.

This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet
Forwarding Engines), including MX-MPC1-3D, MX-MPC1E-3D, MX-MPC2-3D,
MX-MPC2E-3D, MPC-3D-16XGE, and CHAS-MXxx Series MPCs.

No other products or platforms are affected by this issue.

This issue affects:

Juniper Networks Junos OS on MX Series, EX9200 Series

  o 17.3 versions prior to 17.3R3-S10;
  o 17.4 versions prior to 17.4R3-S3;
  o 18.2 versions prior to 18.2R3-S7;
  o 18.3 versions prior to 18.3R3-S4;
  o 18.4 versions prior to 18.4R3-S6;
  o 19.2 versions prior to 19.2R3-S2;
  o 19.3 versions prior to 19.3R3-S1;
  o 19.4 versions prior to 19.4R2-S2, 19.4R3;
  o 20.2 versions prior to 20.2R1-S3, 20.2R2;
  o 20.3 versions prior to 20.3R1-S1, 20.3R2.

This issue does not affect Juniper Networks Junos OS:

  o 17.3 versions prior to 17.3R3-S8;
  o 17.4 versions prior to 17.4R3-S2;
  o any version of 18.1;
  o 18.2 versions prior to 18.2R3-S4;
  o 18.3 versions prior to 18.3R3-S2;
  o 18.4 versions prior to 18.4R3-S1;
  o any version of 19.1;
  o 19.2 versions prior to 19.2R2;
  o 19.3 versions prior to 19.3R3;
  o 19.4 versions prior to 19.4R2.

A sample configuration of an IRB interface configured for VPLS is shown
below:

    routing-instances {
        instance1 {
            instance-type vpls;
            routing-interface irb.1234;
        }
    }

Juniper SIRT is not aware of any malicious exploitation of this
vulnerability.

This issue was seen during production usage.

This issue has been assigned CVE-2021-0257.

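The monitoring step described under "Problem" above, as an added example
(not part of the Juniper or AusCERT bulletin): it parses successive captures
of "show system resource-monitor fpc" and flags any PFE whose "% NH mem Free"
keeps falling or has reached the watermark. The sample output is constructed
from the layout shown above; the function names, the min_drop threshold and
the handling of a "*" flag next to a value are assumptions.

```python
import re

# Constructed sample modelled on the bulletin's output; {a}/{b} are % NH mem Free.
TEMPLATE = """\
FPC Resource Usage Summary
Free Heap Mem Watermark   : 20 %
Free NH Mem Watermark     : 20 %
Free Filter Mem Watermark : 20 %
* - Watermark reached
Slot #   % Heap Free   RTT   Average RTT
  1          87
         PFE #   % ENCAP mem Free   % NH mem Free   % FW mem Free
           0         NA                 {a}              99
           1         NA                 {b}              99
"""
POLLS = [TEMPLATE.format(a=a, b=89) for a in (88, 61, 34)]  # oldest first

def parse_nh_free(text):
    """Return (NH watermark %, {(slot, pfe): % NH mem Free})."""
    wm = int(re.search(r"Free NH Mem Watermark\s*:\s*(\d+)", text).group(1))
    slot, pfe_indent, out = None, None, {}
    for line in text.splitlines():
        body = line.lstrip()
        indent = len(line) - len(body)
        if body.startswith("PFE #"):
            pfe_indent = indent
        elif body[:1].isdigit():
            # Assumption: a "*" watermark flag may sit next to a value.
            f = body.replace("*", " ").split()
            if pfe_indent is None or indent < pfe_indent:
                slot = int(f[0])                      # slot row
            elif len(f) >= 3 and f[2].isdigit():
                out[(slot, int(f[0]))] = int(f[2])    # PFE row, NH column
    return wm, out

def nh_leak_alerts(polls, min_drop=10):
    """Flag PFEs at/below the watermark, or never rising and down >= min_drop
    points across the polls (min_drop is a hypothetical threshold)."""
    series, wm = {}, 0
    for text in polls:
        wm, sample = parse_nh_free(text)
        for key, val in sample.items():
            series.setdefault(key, []).append(val)
    alerts = []
    for key, vals in sorted(series.items()):
        falling = all(b <= a for a, b in zip(vals, vals[1:]))
        if vals[-1] <= wm:
            alerts.append((key, "watermark", vals))
        elif falling and vals[0] - vals[-1] >= min_drop:
            alerts.append((key, "declining", vals))
    return alerts

if __name__ == "__main__":
    print(nh_leak_alerts(POLLS))
```

A steady decline on one PFE while the others stay flat matches the symptom
the bulletin describes; the watermark alert fires once the free percentage
reaches the configured "Free NH Mem Watermark" value.
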
Solution:

The following software releases have been updated to resolve this specific
issue: Junos OS 17.3R3-S10, 17.4R3-S3, 18.2R3-S7, 18.3R3-S4, 18.4R3-S6,
19.2R3-S2, 19.3R3-S1, 19.4R2-S2, 19.4R3, 20.1R2, 20.2R1-S3, 20.2R2, 20.2R3,
20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases.

This issue is being tracked as 1528641.

Workaround:

There are no viable workarounds for this issue.

Implementation:

Software releases or updates are available for download at
https://support.juniper.net/support/downloads/

Modification History:

2021-04-14: Initial Publication.

CVSS Score:

6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Severity Level:

Medium

Severity Assessment:

Information for how Juniper Networks uses CVSS can be found at KB 16446
"Common Vulnerability Scoring System (CVSS) and Juniper's Security
Advisories."

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.
It may not be updated when updates to the original are made. If downloading
at a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================