Juniper Networks Junos OS and Junos OS Evolved Packet Forwarding Engine Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved. This vulnerability allows an adjacent, unauthenticated attacker to cause a Forwarding Plane Component (FPC) to crash. The issue arises in an EVPN-VXLAN scenario when specific ARP packets are received on an IPv4 network or certain NDP packets are received on an IPv6 network. These packets trigger kernel heap memory leaks, leading to an FPC crash and subsequent restart. The vulnerability does not affect MX Series platforms.

Impact

Exploitation of this vulnerability causes the affected FPC to crash and restart, disrupting network services.

Reproduction

The vulnerability can be reproduced by sending specific ARP packets over an IPv4 network or specific NDP packets over an IPv6 network in an EVPN-VXLAN scenario on a vulnerable Junos OS or Junos OS Evolved platform, excluding MX Series platforms.

Remediation

The issue is fixed in Junos OS 21.2R3-S7, 21.4R3-S4, 22.2R3-S1, 22.3R3-S1 and 22.4R3. For Junos OS Evolved, the fixed releases are 21.2R3-S7-EVO, 21.4R3-S4-EVO, 22.2R3-S1-EVO, 22.3R3-S1-EVO and 22.4R3-EVO. Users should upgrade to one of these releases.
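As an added example (not part of the advisory or of Juniper's own tooling), the following Python checker parses a Junos version string and reports whether it is at or past the fixed release listed above for its release train. The version grammar, the handling of the trailing build number, and the assumption that later releases within a listed train carry the fix are mine; trains the advisory does not list are reported as unknown rather than guessed.

```python
import re
from typing import Dict, Optional, Tuple

# Fixed releases copied from the advisory text; nothing else is assumed.
FIXED_RELEASES = [
    "21.2R3-S7", "21.4R3-S4", "22.2R3-S1", "22.3R3-S1", "22.4R3",
    "21.2R3-S7-EVO", "21.4R3-S4-EVO", "22.2R3-S1-EVO",
    "22.3R3-S1-EVO", "22.4R3-EVO",
]

# Assumed grammar: MAJOR.MINOR R<n> [-S<n>] [.<build>] [-EVO]
# e.g. 22.4R3.15, 21.2R3-S7.2, 22.2R1.12-EVO
VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)R(?P<r>\d+)"
    r"(?:-S(?P<s>\d+))?(?:\.(?P<build>\d+))?(?P<evo>-EVO)?$"
)

Train = Tuple[int, int, bool]      # (major, minor, is_evolved)
Release = Tuple[int, int]          # (R number, S number; S=0 if absent)

def parse_junos_version(text: str) -> Tuple[Train, Release]:
    """Split a version string into its train and its (R, S) release.
    The build number is parsed but ignored: the advisory names no builds."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {text!r}")
    train = (int(m["major"]), int(m["minor"]), m["evo"] is not None)
    release = (int(m["r"]), int(m["s"] or 0))
    return train, release

# Minimum fixed (R, S) per train, built once from the advisory's list.
FIXED_BY_TRAIN: Dict[Train, Release] = {
    parse_junos_version(v)[0]: parse_junos_version(v)[1] for v in FIXED_RELEASES
}

def is_fixed(version: str) -> Optional[bool]:
    """True  -> at or after the fixed release of a listed train
       False -> an earlier release of a listed train (vulnerable)
       None  -> train not listed in the advisory; no conclusion drawn."""
    train, release = parse_junos_version(version)
    fixed = FIXED_BY_TRAIN.get(train)
    if fixed is None:
        return None
    # Assumption: within a train, a higher R or S number includes the fix.
    return release >= fixed
```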

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 2.5
exploitability: 5.2
remediation: 7.7
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.