Juniper Networks Junos OS
cpe:2.3:a:juniper:junos:*:*:*:*:*:*:*
- < 21.4R3-S9
- >= 22.2, < 22.2R3-S5
- >= 22.4, < 22.4R3-S5
- >= 23.2, < 23.2R2-S3
- >= 23.4, < 23.4R2-S3
- >= 24.2, < 24.2R2
A heap-based buffer overflow vulnerability has been identified in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS. This vulnerability affects EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series switches. The issue allows an attacker to send a specific DHCP packet to the device, causing the FPC to crash and restart, which leads to a denial-of-service (DoS) condition. If DHCP Option 82 is enabled, the vulnerability could also result in memory corruption, disrupting packet forwarding. Furthermore, due to the nature of the heap-based overflow, there is a possibility of remote code execution within the FPC, granting complete control over the vulnerable component.
Exploitation of this vulnerability causes the FPC to crash, disrupts packet forwarding, and creates a sustained denial-of-service condition. Additionally, the heap-based buffer overflow could be exploited for remote code execution within the FPC, allowing complete control over the vulnerable component.
Users can upgrade to Junos OS versions 21.4R3-S9, 22.2R3-S5, 22.4R3-S5, 23.2R2-S3, 23.4R2-S3, or 24.2R2 to address this vulnerability.
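The following is an added example, not part of the advisory or any Juniper tooling: it checks a device inventory against the affected version ranges and platforms listed above and reports the fixed release to upgrade to. Assumptions: the parser accepts only the `major.minorR<n>[-S<n>][.build]` version form, models are matched by prefix (with `qfx5` standing in for "QFX5k Series"), and the inventory entries are constructed sample values.

```python
import re

# Affected ranges copied from the list above: (inclusive lower bound, exclusive fixed release).
AFFECTED_RANGES = [
    (None, "21.4R3-S9"),
    ("22.2", "22.2R3-S5"),
    ("22.4", "22.4R3-S5"),
    ("23.2", "23.2R2-S3"),
    ("23.4", "23.4R2-S3"),
    ("24.2", "24.2R2"),
]
# Platforms named in the description. Prefix matching on the model string is an
# assumption of this example; "qfx5" stands in for "QFX5k Series".
AFFECTED_MODEL_PREFIXES = ("ex2300", "ex3400", "ex4100", "ex4300", "ex4400",
                           "ex4600", "ex4650-48y", "qfx5")

_VERSION = re.compile(r"^(\d+)\.(\d+)(?:R(\d+))?(?:-S(\d+))?(?:\.\d+)?$")

def parse_junos(version):
    """Return (major, minor, R, S); the trailing build number is ignored."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unsupported Junos version format: {version!r}")
    return tuple(int(g or 0) for g in m.groups())

def fixed_release(model, version):
    """Return the release to upgrade to, or None if model or version is not listed as affected."""
    if not model.lower().startswith(AFFECTED_MODEL_PREFIXES):
        return None
    v = parse_junos(version)
    for low, fixed in AFFECTED_RANGES:
        if (low is None or parse_junos(low) <= v) and v < parse_junos(fixed):
            return fixed
    return None

# Constructed inventory (hostnames, models and versions are sample values).
INVENTORY = [
    ("access-sw-01", "EX2300-24T", "21.4R3-S8.2"),
    ("access-sw-02", "EX4400-48P", "22.4R3-S5"),
    ("leaf-01", "QFX5120-48Y", "23.2R1.13"),
    ("core-rtr-01", "MX480", "22.2R1"),
]

def audit(inventory):
    return {host: fixed_release(model, ver) for host, model, ver in inventory}

if __name__ == "__main__":
    for host, fix in audit(INVENTORY).items():
        print(f"{host}: {'upgrade to ' + fix if fix else 'not in a listed range'}")
```

Release trains that the list above does not mention (for example 22.1) return `None` here because the page gives no range for them, not because they are known to be fixed.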