Junos OS Evolved: Flapping management interface causes MAC learning on label-switched interfaces to stop

An Incorrect Calculation vulnerability in the Layer 2 Control

Protocol

Daemon (l2cpd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces (LSI) to stop while generating a flood of logs, resulting in high CPU usage.

When the issue is seen, the following log message will be generated:

op:1 flag:0x6 mac:xx:xx:xx:xx:xx:xx bd:2 ifl:13302 reason:0(REASON_NONE) i-op:6(INTRNL_OP_HW_FORCE_DELETE) status:10 lstatus:10 err:26(GETIFBD_VALIDATE_FAILED) err-reason 4(IFBD_VALIDATE_FAIL_EPOCH_MISMATCH) hw_wr:0x4 ctxsync:0 fwdsync:0 rtt-id:51 p_ifl:0 fwd_nh:0 svlbnh:0 event:- smask:0x100000000 dmask:0x0 mplsmask 0x1 act:0x5800 extf:0x0 pfe-id 0 hw-notif-ifl 13302 programmed-ifl 4294967295 pseudo-vtep underlay-ifl-idx 0 stack:GET_MAC, ALLOCATE_MAC, GET_IFL, GET_IFF, GET_IFBD, STOP,

This issue affects Junos OS Evolved:

• all versions before 21.4R3-S7-EVO,
• from 22.2 before 22.2R3-S4-EVO,
• from 22.3 before 22.3R3-S3-EVO,
• from 22.4 before 22.4R3-S2-EVO,
• from 23.2 before 23.2R2-S1-EVO,
• from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.