CVE-2021-0215

Summary

On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. An administrator can use the following CLI command to monitor the status of memory consumption: user@device> show task memory detail Please refer to https://kb.juniper.net/KB31522 for details. This issue affects Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D54; 15.1X49 versions prior to 15.1X49-D240 ; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S8; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions prior to 18.1R3-S10 ; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R2-S4, 18.3R3-S2; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3-S2; 19.1 versions prior to 19.1R1-S5, 19.1R2-S2, 19.1R3; 19.2 versions prior to 19.2R1-S5, 19.2R2; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2. This issue does not affect Juniper Networks Junos OS 12.3, 15.1.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS12.3unaffected
Juniper NetworksJunos OS15.1unaffected
Juniper NetworksJunos OS14.1X53 < 14.1X53-D54affected
Juniper NetworksJunos OS15.1X49 < 15.1X49-D240affected
Juniper NetworksJunos OS15.1X53 < 15.1X53-D593affected
Juniper NetworksJunos OS16.1 < 16.1R7-S8affected
Juniper NetworksJunos OS17.2 < 17.2R3-S4affected
Juniper NetworksJunos OS17.3 < 17.3R3-S8affected
Juniper NetworksJunos OS17.4 < 17.4R2-S11, 17.4R3-S2affected
Juniper NetworksJunos OS18.1 < 18.1R3-S10affected
Juniper NetworksJunos OS18.2 < 18.2R2-S7, 18.2R3-S3affected
Juniper NetworksJunos OS18.3 < 18.3R2-S4, 18.3R3-S2affected
Juniper NetworksJunos OS18.4 < 18.4R1-S7, 18.4R2-S4, 18.4R3-S2affected
Juniper NetworksJunos OS19.1 < 19.1R1-S5, 19.1R2-S2, 19.1R3affected
Juniper NetworksJunos OS19.2 < 19.2R1-S5, 19.2R2affected
Juniper NetworksJunos OS19.3 < 19.3R2-S3, 19.3R3affected
Juniper NetworksJunos OS19.4 < 19.4R1-S2, 19.4R2affected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

Workarounds

There are no viable workarounds for this issue.

ADP Enrichment

CVE Program Container

Additional References

References