Overview
- Description
- On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match policy | match evpn" command multiple times to check if memory (Alloc Blocks value) is increasing. root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 3330678 79936272 3330678 79936272 root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 36620255 878886120 36620255 878886120 This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R2; 20.1 versions prior to 20.1R1-S4, 20.1R2; Juniper Networks Junos OS Evolved: 19.4 versions; 20.1 versions prior to 20.1R1-S4-EVO, 20.1R2-EVO; 20.2 versions prior to 20.2R1-EVO; This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.
- Source
- sirt@juniper.net
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.9
- Impact score
- 2.9
- Exploitability score
- 5.5
- Vector string
- AV:A/AC:M/Au:N/C:N/I:N/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883"
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634"
},
{
"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0"
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35"
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E"
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F"
},
{
"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83447F3F-79A3-41DF-8FD1-31DCFCBE40A4"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B14CED1-BEAF-4343-A05D-FB1E2B6AC955"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABB91C38-8C70-436A-83DB-42B8DF81D7D8"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AED25FB6-E3FA-4543-90B2-50068D683D50"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F64FBB4B-7CBF-499B-A523-804857DEFAFA"
},
{
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "487A82C9-7B7E-4ACA-BABF-65B8504079AD"
}
],
"operator": "OR"
}
]
}
]