CVE-2020-1678: Junos OS and Junos OS Evolved: RPD can crash due to a slow memory leak.
First published: Fri Oct 16 2020(Updated: )
On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. If the memory is exhausted the rpd process might crash. If the issue occurs, the memory leak could be seen by executing the "show task memory detail | match policy | match evpn" command multiple times to check if memory (Alloc Blocks value) is increasing. root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 3330678 79936272 3330678 79936272 root@device> show task memory detail | match policy | match evpn ------------------------ Allocator Memory Report ------------------------ Name | Size | Alloc DTXP Size | Alloc Blocks | Alloc Bytes | MaxAlloc Blocks | MaxAlloc Bytes Policy EVPN Params 20 24 36620255 878886120 36620255 878886120 This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R2; 20.1 versions prior to 20.1R1-S4, 20.1R2; Juniper Networks Junos OS Evolved: 19.4 versions; 20.1 versions prior to 20.1R1-S4-EVO, 20.1R2-EVO; 20.2 versions prior to 20.2R1-EVO; This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =19.4-r1 | |
| Juniper JUNOS | =19.4-r1-s1 | |
| Juniper JUNOS | =19.4-r1-s2 | |
| Juniper JUNOS | =20.1-r1 | |
| Juniper JUNOS | =20.1-r1-s1 | |
| Juniper JUNOS | =20.1-r1-s2 | |
| Juniper JUNOS | =20.1-r1-s3 | |
| Juniper Junos Os Evolved | =19.4-r1 | |
| Juniper Junos Os Evolved | =19.4-r2 | |
| Juniper Junos Os Evolved | =19.4-r2-s1 | |
| Juniper Junos Os Evolved | =20.1 | |
| Juniper Junos Os Evolved | =20.1-r1 | |
| Juniper Junos Os Evolved | =20.2 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS: 19.4R2, 19.4R3, 20.1R1-S4, 20.1R2, 20.2R1 and all subsequent releases. Junos OS Evolved: 20.1R1-S4-EVO, 20.1R2-EVO, 20.2R1-EVO, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/severity
- agent/references
- agent/remedy
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/19.4-r1
- version/juniper junos/19.4-r1-s1
- version/juniper junos/19.4-r1-s2
- version/juniper junos/20.1-r1
- version/juniper junos/20.1-r1-s1
- version/juniper junos/20.1-r1-s2
- version/juniper junos/20.1-r1-s3
- canonical/juniper junos os evolved
- version/juniper junos os evolved/19.4-r1
- version/juniper junos os evolved/19.4-r2
- version/juniper junos os evolved/19.4-r2-s1
- version/juniper junos os evolved/20.1
- version/juniper junos os evolved/20.1-r1
- version/juniper junos os evolved/20.2