VYPR
Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Sep 16, 2024

Junos OS and Junos OS Evolved: RPD can crash due to a slow memory leak.

CVE-2020-1678

Description

On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match policy | match evpn" command multiple times to check if memory (Alloc Blocks value) is increasing. root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 3330678 79936272 3330678 79936272 root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 36620255 878886120 36620255 878886120 This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R2; 20.1 versions prior to 20.1R1-S4, 20.1R2; Juniper Networks Junos OS Evolved: 19.4 versions; 20.1 versions prior to 20.1R1-S4-EVO, 20.1R2-EVO; 20.2 versions prior to 20.2R1-EVO; This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.

Affected products

3
  • 19.4; 20.1 < 20.1R1-S4-EVO, 20.1R2-EVO; 20.2 < 20.2R1-EVO+ 1 more
    • (no CPE)range: 19.4; 20.1 < 20.1R1-S4-EVO, 20.1R2-EVO; 20.2 < 20.2R1-EVO
    • (no CPE)range: 19.4-EVO
  • Range: >=19.4, <19.4R2; >=20.1, <20.1R1-S4, <20.1R2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.