First published: Wed Jan 13 2021

In Juniper Networks Junos OS Evolved, an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer, causing RPD to core and leading to a Denial of Service (DoS). Continued receipt of these types of valid BGP update packets will cause an extended Denial of Service condition. RPD will require a restart to recover.

An indicator of compromise is to see if the file rpd.re exists by issuing the command: `show system core-dumps`

This issue affects: Juniper Networks Junos OS Evolved 19.4 versions prior to 19.4R2-S2-EVO; 20.1 versions prior to 20.1R1-S2-EVO, 20.1R2-S1-EVO. This issue does not affect Junos OS.

Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper Junos OS Evolved | =19.4-r1 | |
Juniper Junos OS Evolved | =19.4-r2 | |
Juniper Junos OS Evolved | =19.4-r2-s1 | |
Juniper Junos OS Evolved | =20.1 | |
Juniper Junos OS Evolved | =20.1-r1 | |
Juniper Junos OS Evolved | =20.1-r1-s1 | |

The following software releases have been updated to resolve this specific issue: Junos OS Evolved: 19.4R2-S2-EVO, 20.1R1-S2-EVO, 20.1R2-S1-EVO, 20.2R1-EVO and all subsequent releases.
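
The affected and fixed ranges above can be checked against a device inventory. The following is an added example, not code from Juniper or this page: the version-string shape, the hostnames, and the rule that a release is compared against the fix with the same R number (otherwise against the highest listed fix for its train) are assumptions.

```python
import re

# Fixed releases per affected train, taken from the advisory text:
# (major, minor) -> list of (R number, S number)
FIXED = {
    (19, 4): [(2, 2)],          # 19.4R2-S2-EVO
    (20, 1): [(1, 2), (2, 1)],  # 20.1R1-S2-EVO, 20.1R2-S1-EVO
}

# Assumed version shape: <major>.<minor>R<n>[.<build>][-S<n>[.<build>]][-EVO]
VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)R(\d+)(?:\.\d+)?(?:-S(\d+)(?:\.\d+)?)?(-EVO)?$",
    re.IGNORECASE,
)

def is_affected(version):
    """Return True if the version is in the affected range stated above."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, rel, svc, evo = m.groups()
    if not evo:
        return False  # the advisory states Junos OS (non-Evolved) is not affected
    fixes = FIXED.get((int(major), int(minor)))
    if fixes is None:
        return False  # train not listed as affected (e.g. 20.2R1-EVO and later)
    have = (int(rel), int(svc or 0))
    same_r = [f for f in fixes if f[0] == have[0]]
    if same_r:
        return have < same_r[0]  # compare service release within the same R
    return have < max(fixes)     # no fix for this R: compare to highest fix

# Constructed inventory; hostnames are hypothetical.
SAMPLE_INVENTORY = {
    "edge-a": "19.4R2-S1-EVO",
    "edge-b": "20.1R2-S1-EVO",
    "core-a": "20.1R1-S1.3-EVO",
    "core-b": "19.4R3-S2",
}

def audit(inventory):
    """Return the sorted hostnames whose version is affected."""
    return sorted(h for h, v in inventory.items() if is_affected(v))

if __name__ == "__main__":
    for host in audit(SAMPLE_INVENTORY):
        print(f"{host}: {SAMPLE_INVENTORY[host]} needs upgrade")
```
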
CVE-2021-0209 is a vulnerability in Juniper Networks Junos OS Evolved that allows an attacker to cause a Denial of Service (DoS) by sending certain valid BGP update packets.
CVE-2021-0209 affects Juniper Networks Junos OS Evolved by causing it to access an uninitialized pointer, leading to RPD crashing and a Denial of Service (DoS) condition.
CVE-2021-0209 has a severity rating of 6.5 out of 10.
To fix CVE-2021-0209, users should upgrade to a fixed release of Juniper Networks Junos OS Evolved.
More information about CVE-2021-0209 can be found in the Juniper Networks Security Advisory JSA11099.