CVE-2021-0202: Junos OS: MX Series, EX9200 Series: Trio-based MPC memory leak when Integrated Routing and Bridging (IRB) interface is mapped to a VPLS instance or a Bridge-Domain
First published: Fri Jan 15 2021(Updated: )
On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. When this issue occurs, there will be temporary traffic interruption until the MPC is restored. An administrator can use the following CLI command to monitor the status of memory usage level of the MPC: user@device> show system resource-monitor fpc FPC Resource Usage Summary Free Heap Mem Watermark : 20 % Free NH Mem Watermark : 20 % Free Filter Mem Watermark : 20 % * - Watermark reached Slot # % Heap Free RTT Average RTT 1 87 PFE # % ENCAP mem Free % NH mem Free % FW mem Free 0 NA 88 99 1 NA 89 99 When the issue is occurring, the value of “% NH mem Free” will go down until the MPC restarts. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). Please refer to https://kb.juniper.net/KB25385 for the list of Trio-based PFEs. This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3R3-S8; 17.4R3-S2; 18.2R3-S4, 18.2R3-S5; 18.3R3-S2, 18.3R3-S3; 18.4 versions starting from 18.4R3-S1 and later versions prior to 18.4R3-S6; 19.2 versions starting from 19.2R2 and later versions prior to 19.2R3-S1; 19.4 versions starting from 19.4R2 and later versions prior to 19.4R2-S3, 19.4R3; 20.2 versions starting from 20.2R1 and later versions prior to 20.2R1-S3, 20.2R2. This issue does not affect Juniper Networks Junos OS: 18.1, 19.1, 19.3, 20.1.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =17.3-r3-s8 | |
| Juniper JUNOS | =17.4-r3-s2 | |
| Juniper JUNOS | =18.2-r3-s4 | |
| Juniper JUNOS | =18.2-r3-s5 | |
| Juniper JUNOS | =18.3-r3-s2 | |
| Juniper JUNOS | =18.3-r3-s3 | |
| Juniper JUNOS | =18.4-r3-s1 | |
| Juniper JUNOS | =18.4-r3-s2 | |
| Juniper JUNOS | =18.4-r3-s3 | |
| Juniper JUNOS | =18.4-r3-s4 | |
| Juniper JUNOS | =18.4-r3-s5 | |
| Juniper JUNOS | =19.2-r2 | |
| Juniper JUNOS | =19.2-r3 | |
| Juniper JUNOS | =19.4-r2 | |
| Juniper JUNOS | =19.4-r2-s1 | |
| Juniper JUNOS | =19.4-r2-s2 | |
| Juniper JUNOS | =20.2-r1 | |
| Juniper JUNOS | =20.2-r1-s1 | |
| Juniper JUNOS | =20.2-r1-s2 | |
| Juniper Ex9200 | ||
| Juniper Mx10 | ||
| Juniper Mx10000 | ||
| Juniper Mx10003 | ||
| Juniper Mx104 | ||
| Juniper Mx150 | ||
| Juniper Mx2008 | ||
| Juniper Mx2010 | ||
| Juniper Mx2020 | ||
| Juniper Mx204 | ||
| Juniper Mx240 | ||
| Juniper Mx40 | ||
| Juniper Mx480 | ||
| Juniper Mx5 | ||
| Juniper Mx80 | ||
| Juniper Mx960 |
Remedy
The following software releases have been updated to resolve this specific issue: 17.3R3-S9, 17.4R3-S3, 18.2R3-S6, 18.3R3-S4, 18.4R3-S6, 19.2R3-S1, 19.4R2-S3, 19.4R3, 20.2R1-S3, 20.2R2, 20.3R1, and all subsequent releases. The fix has been proactively committed to other releases as well.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Juniper Networks vulnerability?
The vulnerability ID is CVE-2021-0202.
Which platforms are affected by CVE-2021-0202?
Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) are affected.
What is the severity of CVE-2021-0202?
The severity of CVE-2021-0202 is high with a CVSS score of 7.5.
How does CVE-2021-0202 impact Juniper Networks devices?
Certain network events at Customer Edge (CE) device may cause memory leaks and eventual denial of service on affected devices.
How can I fix the CVE-2021-0202 vulnerability?
Update to a fixed release of Juniper JUNOS software as mentioned in the Juniper advisory.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- agent/references
- agent/severity
- agent/author
- agent/title
- agent/remedy
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/17.3-r3-s8
- version/juniper junos/17.4-r3-s2
- version/juniper junos/18.2-r3-s4
- version/juniper junos/18.2-r3-s5
- version/juniper junos/18.3-r3-s2
- version/juniper junos/18.3-r3-s3
- version/juniper junos/18.4-r3-s1
- version/juniper junos/18.4-r3-s2
- version/juniper junos/18.4-r3-s3
- version/juniper junos/18.4-r3-s4
- version/juniper junos/18.4-r3-s5
- version/juniper junos/19.2-r2
- version/juniper junos/19.2-r3
- version/juniper junos/19.4-r2
- version/juniper junos/19.4-r2-s1
- version/juniper junos/19.4-r2-s2
- version/juniper junos/20.2-r1
- version/juniper junos/20.2-r1-s1
- version/juniper junos/20.2-r1-s2
- canonical/juniper ex9200
- canonical/juniper mx10
- canonical/juniper mx10000
- canonical/juniper mx10003
- canonical/juniper mx104
- canonical/juniper mx150
- canonical/juniper mx2008
- canonical/juniper mx2010
- canonical/juniper mx2020
- canonical/juniper mx204
- canonical/juniper mx240
- canonical/juniper mx40
- canonical/juniper mx480
- canonical/juniper mx5
- canonical/juniper mx80
- canonical/juniper mx960