CVE-2020-1670: Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets
First published: Fri Oct 16 2020(Updated: )
On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is connected. This issue occurs when the packets enter to the IRB interface. Only IPv4 packets can trigger this issue. IPv6 packets cannot trigger this issue. This issue affects Juniper Networks Junos OS on EX4300 series: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions prior to 18.1R3-S10; 18.2 versions prior to 18.2R3-S4; 18.3 versions prior to 18.3R2-S4, 18.3R3-S2; 18.4 versions prior to 18.4R2-S4, 18.4R3-S2; 19.1 versions prior to 19.1R2-S2, 19.1R3-S1; 19.2 versions prior to 19.2R1-S5, 19.2R2-S1, 19.2R3; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2; 20.1 versions prior to 20.1R1-S3, 20.1R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =17.3 | |
| Juniper JUNOS | =17.3-r1-s1 | |
| Juniper JUNOS | =17.3-r2 | |
| Juniper JUNOS | =17.3-r2-s1 | |
| Juniper JUNOS | =17.3-r2-s2 | |
| Juniper JUNOS | =17.3-r2-s3 | |
| Juniper JUNOS | =17.3-r2-s4 | |
| Juniper JUNOS | =17.3-r2-s5 | |
| Juniper JUNOS | =17.3-r3 | |
| Juniper JUNOS | =17.3-r3-s1 | |
| Juniper JUNOS | =17.3-r3-s2 | |
| Juniper JUNOS | =17.3-r3-s3 | |
| Juniper JUNOS | =17.3-r3-s4 | |
| Juniper JUNOS | =17.3-r3-s7 | |
| Juniper JUNOS | =17.3-r3-s8 | |
| Juniper JUNOS | =17.4 | |
| Juniper JUNOS | =17.4-r1 | |
| Juniper JUNOS | =17.4-r1-s1 | |
| Juniper JUNOS | =17.4-r1-s2 | |
| Juniper JUNOS | =17.4-r1-s4 | |
| Juniper JUNOS | =17.4-r1-s5 | |
| Juniper JUNOS | =17.4-r1-s6 | |
| Juniper JUNOS | =17.4-r1-s7 | |
| Juniper JUNOS | =17.4-r2 | |
| Juniper JUNOS | =17.4-r2-s1 | |
| Juniper JUNOS | =17.4-r2-s10 | |
| Juniper JUNOS | =17.4-r2-s2 | |
| Juniper JUNOS | =17.4-r2-s3 | |
| Juniper JUNOS | =17.4-r2-s4 | |
| Juniper JUNOS | =17.4-r2-s5 | |
| Juniper JUNOS | =17.4-r2-s6 | |
| Juniper JUNOS | =17.4-r2-s7 | |
| Juniper JUNOS | =17.4-r2-s8 | |
| Juniper JUNOS | =17.4-r2-s9 | |
| Juniper JUNOS | =18.1 | |
| Juniper JUNOS | =18.1-r1 | |
| Juniper JUNOS | =18.1-r2 | |
| Juniper JUNOS | =18.1-r2-s1 | |
| Juniper JUNOS | =18.1-r2-s2 | |
| Juniper JUNOS | =18.1-r2-s4 | |
| Juniper JUNOS | =18.1-r3 | |
| Juniper JUNOS | =18.1-r3-s1 | |
| Juniper JUNOS | =18.1-r3-s2 | |
| Juniper JUNOS | =18.1-r3-s3 | |
| Juniper JUNOS | =18.1-r3-s4 | |
| Juniper JUNOS | =18.1-r3-s6 | |
| Juniper JUNOS | =18.1-r3-s7 | |
| Juniper JUNOS | =18.1-r3-s8 | |
| Juniper JUNOS | =18.1-r3-s9 | |
| Juniper JUNOS | =18.2 | |
| Juniper JUNOS | =18.2-r1 | |
| Juniper JUNOS | =18.2-r1 | |
| Juniper JUNOS | =18.2-r1-s3 | |
| Juniper JUNOS | =18.2-r1-s4 | |
| Juniper JUNOS | =18.2-r1-s5 | |
| Juniper JUNOS | =18.2-r2 | |
| Juniper JUNOS | =18.2-r2-s1 | |
| Juniper JUNOS | =18.2-r2-s2 | |
| Juniper JUNOS | =18.2-r2-s3 | |
| Juniper JUNOS | =18.2-r2-s4 | |
| Juniper JUNOS | =18.2-r2-s5 | |
| Juniper JUNOS | =18.2-r2-s6 | |
| Juniper JUNOS | =18.2-r3 | |
| Juniper JUNOS | =18.2-r3-s1 | |
| Juniper JUNOS | =18.2-r3-s2 | |
| Juniper JUNOS | =18.2-r3-s3 | |
| Juniper JUNOS | =18.3 | |
| Juniper JUNOS | =18.3-r1 | |
| Juniper JUNOS | =18.3-r1-s1 | |
| Juniper JUNOS | =18.3-r1-s2 | |
| Juniper JUNOS | =18.3-r1-s3 | |
| Juniper JUNOS | =18.3-r1-s5 | |
| Juniper JUNOS | =18.3-r1-s6 | |
| Juniper JUNOS | =18.3-r2 | |
| Juniper JUNOS | =18.3-r2-s1 | |
| Juniper JUNOS | =18.3-r2-s2 | |
| Juniper JUNOS | =18.3-r2-s3 | |
| Juniper JUNOS | =18.3-r3 | |
| Juniper JUNOS | =18.3-r3-s1 | |
| Juniper JUNOS | =18.4 | |
| Juniper JUNOS | =18.4-r1 | |
| Juniper JUNOS | =18.4-r1-s1 | |
| Juniper JUNOS | =18.4-r1-s2 | |
| Juniper JUNOS | =18.4-r1-s5 | |
| Juniper JUNOS | =18.4-r1-s6 | |
| Juniper JUNOS | =18.4-r2 | |
| Juniper JUNOS | =18.4-r2-s1 | |
| Juniper JUNOS | =18.4-r2-s2 | |
| Juniper JUNOS | =18.4-r2-s3 | |
| Juniper JUNOS | =18.4-r3 | |
| Juniper JUNOS | =18.4-r3-s1 | |
| Juniper JUNOS | =19.1 | |
| Juniper JUNOS | =19.1-r1 | |
| Juniper JUNOS | =19.1-r1-s1 | |
| Juniper JUNOS | =19.1-r1-s2 | |
| Juniper JUNOS | =19.1-r1-s3 | |
| Juniper JUNOS | =19.1-r1-s4 | |
| Juniper JUNOS | =19.1-r2 | |
| Juniper JUNOS | =19.1-r2-s1 | |
| Juniper JUNOS | =19.1-r3 | |
| Juniper JUNOS | =19.2 | |
| Juniper JUNOS | =19.2-r1 | |
| Juniper JUNOS | =19.2-r1-s1 | |
| Juniper JUNOS | =19.2-r1-s2 | |
| Juniper JUNOS | =19.2-r1-s3 | |
| Juniper JUNOS | =19.2-r1-s4 | |
| Juniper JUNOS | =19.2-r2 | |
| Juniper JUNOS | =19.3 | |
| Juniper JUNOS | =19.3-r1 | |
| Juniper JUNOS | =19.3-r1-s1 | |
| Juniper JUNOS | =19.3-r2 | |
| Juniper JUNOS | =19.3-r2-s1 | |
| Juniper JUNOS | =19.3-r2-s2 | |
| Juniper JUNOS | =19.3-r2-s3 | |
| Juniper JUNOS | =19.4-r1 | |
| Juniper JUNOS | =19.4-r1-s1 | |
| Juniper JUNOS | =19.4-r1-s2 | |
| Juniper JUNOS | =20.1-r1 | |
| Juniper JUNOS | =20.1-r1-s1 | |
| Juniper JUNOS | =20.1-r1-s2 | |
| Juniper Ex4300 |
Remedy
The following software releases have been updated to resolve this specific issue: 17.3R3-S9, 17.4R2-S11, 17.4R3-S2, 18.1R3-S10, 18.2R3-S4, 18.3R2-S4, 18.3R3-S2, 18.4R2-S4, 18.4R3-S2, 19.1R2-S2, 19.1R3-S1, 19.2R1-S5, 19.2R2-S1, 19.2R3, 19.3R2-S4, 19.3R3, 19.4R1-S3, 19.4R2, 20.1R1-S3, 20.1R2, 20.2R1 and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/weakness
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/17.3
- version/juniper junos/17.3-r1-s1
- version/juniper junos/17.3-r2
- version/juniper junos/17.3-r2-s1
- version/juniper junos/17.3-r2-s2
- version/juniper junos/17.3-r2-s3
- version/juniper junos/17.3-r2-s4
- version/juniper junos/17.3-r2-s5
- version/juniper junos/17.3-r3
- version/juniper junos/17.3-r3-s1
- version/juniper junos/17.3-r3-s2
- version/juniper junos/17.3-r3-s3
- version/juniper junos/17.3-r3-s4
- version/juniper junos/17.3-r3-s7
- version/juniper junos/17.3-r3-s8
- version/juniper junos/17.4
- version/juniper junos/17.4-r1
- version/juniper junos/17.4-r1-s1
- version/juniper junos/17.4-r1-s2
- version/juniper junos/17.4-r1-s4
- version/juniper junos/17.4-r1-s5
- version/juniper junos/17.4-r1-s6
- version/juniper junos/17.4-r1-s7
- version/juniper junos/17.4-r2
- version/juniper junos/17.4-r2-s1
- version/juniper junos/17.4-r2-s10
- version/juniper junos/17.4-r2-s2
- version/juniper junos/17.4-r2-s3
- version/juniper junos/17.4-r2-s4
- version/juniper junos/17.4-r2-s5
- version/juniper junos/17.4-r2-s6
- version/juniper junos/17.4-r2-s7
- version/juniper junos/17.4-r2-s8
- version/juniper junos/17.4-r2-s9
- version/juniper junos/18.1
- version/juniper junos/18.1-r1
- version/juniper junos/18.1-r2
- version/juniper junos/18.1-r2-s1
- version/juniper junos/18.1-r2-s2
- version/juniper junos/18.1-r2-s4
- version/juniper junos/18.1-r3
- version/juniper junos/18.1-r3-s1
- version/juniper junos/18.1-r3-s2
- version/juniper junos/18.1-r3-s3
- version/juniper junos/18.1-r3-s4
- version/juniper junos/18.1-r3-s6
- version/juniper junos/18.1-r3-s7
- version/juniper junos/18.1-r3-s8
- version/juniper junos/18.1-r3-s9
- version/juniper junos/18.2
- version/juniper junos/18.2-r1
- version/juniper junos/18.2-r1-s3
- version/juniper junos/18.2-r1-s4
- version/juniper junos/18.2-r1-s5
- version/juniper junos/18.2-r2
- version/juniper junos/18.2-r2-s1
- version/juniper junos/18.2-r2-s2
- version/juniper junos/18.2-r2-s3
- version/juniper junos/18.2-r2-s4
- version/juniper junos/18.2-r2-s5
- version/juniper junos/18.2-r2-s6
- version/juniper junos/18.2-r3
- version/juniper junos/18.2-r3-s1
- version/juniper junos/18.2-r3-s2
- version/juniper junos/18.2-r3-s3
- version/juniper junos/18.3
- version/juniper junos/18.3-r1
- version/juniper junos/18.3-r1-s1
- version/juniper junos/18.3-r1-s2
- version/juniper junos/18.3-r1-s3
- version/juniper junos/18.3-r1-s5
- version/juniper junos/18.3-r1-s6
- version/juniper junos/18.3-r2
- version/juniper junos/18.3-r2-s1
- version/juniper junos/18.3-r2-s2
- version/juniper junos/18.3-r2-s3
- version/juniper junos/18.3-r3
- version/juniper junos/18.3-r3-s1
- version/juniper junos/18.4
- version/juniper junos/18.4-r1
- version/juniper junos/18.4-r1-s1
- version/juniper junos/18.4-r1-s2
- version/juniper junos/18.4-r1-s5
- version/juniper junos/18.4-r1-s6
- version/juniper junos/18.4-r2
- version/juniper junos/18.4-r2-s1
- version/juniper junos/18.4-r2-s2
- version/juniper junos/18.4-r2-s3
- version/juniper junos/18.4-r3
- version/juniper junos/18.4-r3-s1
- version/juniper junos/19.1
- version/juniper junos/19.1-r1
- version/juniper junos/19.1-r1-s1
- version/juniper junos/19.1-r1-s2
- version/juniper junos/19.1-r1-s3
- version/juniper junos/19.1-r1-s4
- version/juniper junos/19.1-r2
- version/juniper junos/19.1-r2-s1
- version/juniper junos/19.1-r3
- version/juniper junos/19.2
- version/juniper junos/19.2-r1
- version/juniper junos/19.2-r1-s1
- version/juniper junos/19.2-r1-s2
- version/juniper junos/19.2-r1-s3
- version/juniper junos/19.2-r1-s4
- version/juniper junos/19.2-r2
- version/juniper junos/19.3
- version/juniper junos/19.3-r1
- version/juniper junos/19.3-r1-s1
- version/juniper junos/19.3-r2
- version/juniper junos/19.3-r2-s1
- version/juniper junos/19.3-r2-s2
- version/juniper junos/19.3-r2-s3
- version/juniper junos/19.4-r1
- version/juniper junos/19.4-r1-s1
- version/juniper junos/19.4-r1-s2
- version/juniper junos/20.1-r1
- version/juniper junos/20.1-r1-s1
- version/juniper junos/20.1-r1-s2
- canonical/juniper ex4300