CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
18.9%
An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to wedge and to eventually restart, resulting in a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be triggered by sending a specific malformed packet to the device. Transit traffic does not trigger this issue. An indication of this issue occurring can be seen through the following log messages: fpc0 expr_hostbound_packet_handler: Receive pe 73? fpc0 Cmerror Op Set: PE Chip: PE0[0]: PGQ:misc_intr: 0x00000020: Enqueue of a packet with out-of-range VOQ in 192K-VOQ mode (URI: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL) The logs list below can also be observed when this issue occurs fpc0 Error: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL (0x210107), scope: pfe, category: functional, severity: major, module: PE Chip, type: Description for PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL fpc0 Performing action cmalarm for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL (0x210107) in module: PE Chip with scope: pfe category: functional level: major fpc0 Error: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a), scope: pfe, category: functional, severity: fatal, module: PE Chip, type: Description for PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE fpc0 Performing action cmalarm for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a) in module: PE Chip with scope: pfe category: functional level: fatal fpc0 Performing action disable-pfe for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a) in module: PE Chip with scope: pfe category: functional level: fatal This issue affects Juniper Networks Junos OS on QFX10002: All versions prior to 19.1R3-S10; 19.4 versions prior to 19.4R3-S11; 20.2 versions prior to 20.2R3-S7; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2.
Vendor | Product | Version | CPE |
---|---|---|---|
juniper | qfx10002 | - | cpe:2.3:h:juniper:qfx10002:-:*:*:*:*:*:*:* |
juniper | junos | * | cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:* |
juniper | junos | 19.1 | cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:* |
[
{
"vendor": "Juniper Networks",
"product": "Junos OS",
"versions": [
{
"version": "unspecified",
"lessThan": "19.1R3-S10",
"status": "affected",
"versionType": "custom"
},
{
"version": "19.4",
"status": "affected",
"lessThan": "19.4R3-S11",
"versionType": "custom"
},
{
"version": "20.2",
"status": "affected",
"lessThan": "20.2R3-S7",
"versionType": "custom"
},
{
"version": "20.4",
"status": "affected",
"lessThan": "20.4R3-S6",
"versionType": "custom"
},
{
"version": "21.1",
"status": "affected",
"lessThan": "21.1R3-S4",
"versionType": "custom"
},
{
"version": "21.2",
"status": "affected",
"lessThan": "21.2R3-S4",
"versionType": "custom"
},
{
"version": "21.3",
"status": "affected",
"lessThan": "21.3R3-S3",
"versionType": "custom"
},
{
"version": "21.4",
"status": "affected",
"lessThan": "21.4R3-S2",
"versionType": "custom"
},
{
"version": "22.1",
"status": "affected",
"lessThan": "22.1R3-S1",
"versionType": "custom"
},
{
"version": "22.2",
"status": "affected",
"lessThan": "22.2R2-S1, 22.2R3",
"versionType": "custom"
},
{
"version": "22.3",
"status": "affected",
"lessThan": "22.3R1-S2, 22.3R2",
"versionType": "custom"
}
],
"platforms": [
"QFX10002"
]
}
]
More