medium
6.5
CWE
401
Advisory Published
Updated

CVE-2021-0272: Junos OS: QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: In EVPN-VXLAN scenarios receipt of specific genuine packets by an adjacent attacker will cause a kernel memory leak in FPC.

First published: Thu Apr 22 2021(Updated: )

A kernel memory leak in QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016 devices Flexible PIC Concentrators (FPCs) on Juniper Networks Junos OS allows an attacker to send genuine packets destined to the device to cause a Denial of Service (DoS) to the device. On QFX10002-32Q, QFX10002-60C, QFX10002-72Q devices the device will crash and restart. On QFX10008, QFX10016 devices, depending on the number of FPCs involved in an attack, one more more FPCs may crash and traffic through the device may be degraded in other ways, until the attack traffic stops. A reboot is required to restore service and clear the kernel memory. Continued receipt and processing of these genuine packets will create a sustained Denial of Service (DoS) condition. On QFX10008, QFX10016 devices, an indicator of compromise may be the existence of DCPFE core files. You can also monitor PFE memory utilization for incremental growth: user@qfx-RE:0% cprod -A fpc0 -c "show heap 0" | grep -i ke 0 3788a1b0 3221225048 2417120656 804104392 24 Kernel user@qfx-RE:0% cprod -A fpc0 -c "show heap 0" | grep -i ke 0 3788a1b0 3221225048 2332332200 888892848 27 Kernel This issue affects: Juniper Networks Junos OS on QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016: 16.1 versions 16.1R1 and above prior to 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R3-S2; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2. This issue does not affect releases prior to Junos OS 16.1R1. This issue does not affect EX Series devices. This issue does not affect Junos OS Evolved.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Junos OS Evolved=16.1-r1
Junos OS Evolved=16.1-r2
Junos OS Evolved=16.1-r3
Junos OS Evolved=16.1-r3-s10
Junos OS Evolved=16.1-r3-s11
Junos OS Evolved=16.1-r3-s8
Junos OS Evolved=16.1-r4
Junos OS Evolved=16.1-r4-s12
Junos OS Evolved=16.1-r4-s2
Junos OS Evolved=16.1-r4-s3
Junos OS Evolved=16.1-r4-s4
Junos OS Evolved=16.1-r4-s6
Junos OS Evolved=16.1-r4-s8
Junos OS Evolved=16.1-r4-s9
Junos OS Evolved=16.1-r5
Junos OS Evolved=16.1-r5-s4
Junos OS Evolved=16.1-r6
Junos OS Evolved=16.1-r6-s1
Junos OS Evolved=16.1-r6-s3
Junos OS Evolved=16.1-r6-s4
Junos OS Evolved=16.1-r6-s6
Junos OS Evolved=16.1-r7
Junos OS Evolved=16.1-r7-s2
Junos OS Evolved=16.1-r7-s3
Junos OS Evolved=16.1-r7-s4
Junos OS Evolved=16.1-r7-s5
Junos OS Evolved=16.1-r7-s6
Junos OS Evolved=16.1-r7-s7
Junos OS Evolved=16.1-r7-s8
Junos OS Evolved=16.2
Junos OS Evolved=16.2-r1
Junos OS Evolved=16.2-r1-s6
Junos OS Evolved=16.2-r2
Junos OS Evolved=16.2-r2-s1
Junos OS Evolved=16.2-r2-s10
Junos OS Evolved=16.2-r2-s2
Junos OS Evolved=16.2-r2-s5
Junos OS Evolved=16.2-r2-s6
Junos OS Evolved=16.2-r2-s7
Junos OS Evolved=16.2-r2-s8
Junos OS Evolved=16.2-r2-s9
Junos OS Evolved=16.2-r3
Junos OS Evolved=17.1
Junos OS Evolved=17.1-r1
Junos OS Evolved=17.1-r1-s7
Junos OS Evolved=17.1-r2
Junos OS Evolved=17.1-r2-s1
Junos OS Evolved=17.1-r2-s10
Junos OS Evolved=17.1-r2-s11
Junos OS Evolved=17.1-r2-s2
Junos OS Evolved=17.1-r2-s3
Junos OS Evolved=17.1-r2-s4
Junos OS Evolved=17.1-r2-s5
Junos OS Evolved=17.1-r2-s6
Junos OS Evolved=17.1-r2-s7
Junos OS Evolved=17.1-r2-s8
Junos OS Evolved=17.1-r2-s9
Junos OS Evolved=17.1-r3
Junos OS Evolved=17.1-r3-s1
Junos OS Evolved=17.1-r3-s2
Junos OS Evolved=17.2
Junos OS Evolved=17.2-r1
Junos OS Evolved=17.2-r1-s1
Junos OS Evolved=17.2-r1-s2
Junos OS Evolved=17.2-r1-s3
Junos OS Evolved=17.2-r1-s4
Junos OS Evolved=17.2-r1-s5
Junos OS Evolved=17.2-r1-s6
Junos OS Evolved=17.2-r1-s7
Junos OS Evolved=17.2-r1-s8
Junos OS Evolved=17.2-r2
Junos OS Evolved=17.2-r2-s11
Junos OS Evolved=17.2-r2-s4
Junos OS Evolved=17.2-r2-s6
Junos OS Evolved=17.2-r2-s7
Junos OS Evolved=17.2-r3
Junos OS Evolved=17.2-r3-s1
Junos OS Evolved=17.2-r3-s2
Junos OS Evolved=17.2-r3-s3
Junos OS Evolved=17.2-r3-s4
Junos OS Evolved=17.3
Junos OS Evolved=17.3-r1
Junos OS Evolved=17.3-r1-s1
Junos OS Evolved=17.3-r1-s4
Junos OS Evolved=17.3-r2
Junos OS Evolved=17.3-r2-s1
Junos OS Evolved=17.3-r2-s2
Junos OS Evolved=17.3-r2-s3
Junos OS Evolved=17.3-r2-s4
Junos OS Evolved=17.3-r2-s5
Junos OS Evolved=17.3-r3
Junos OS Evolved=17.3-r3
Junos OS Evolved=17.3-r3-s1
Junos OS Evolved=17.3-r3-s10
Junos OS Evolved=17.3-r3-s2
Junos OS Evolved=17.3-r3-s3
Junos OS Evolved=17.3-r3-s4
Junos OS Evolved=17.3-r3-s5
Junos OS Evolved=17.3-r3-s6
Junos OS Evolved=17.3-r3-s7
Junos OS Evolved=17.3-r3-s8
Junos OS Evolved=17.4
Junos OS Evolved=17.4-r1
Junos OS Evolved=17.4-r1-s1
Junos OS Evolved=17.4-r1-s2
Junos OS Evolved=17.4-r1-s3
Junos OS Evolved=17.4-r1-s4
Junos OS Evolved=17.4-r1-s5
Junos OS Evolved=17.4-r1-s6
Junos OS Evolved=17.4-r1-s7
Junos OS Evolved=17.4-r2
Junos OS Evolved=17.4-r2-s1
Junos OS Evolved=17.4-r2-s10
Junos OS Evolved=17.4-r2-s11
Junos OS Evolved=17.4-r2-s2
Junos OS Evolved=17.4-r2-s3
Junos OS Evolved=17.4-r2-s4
Junos OS Evolved=17.4-r2-s5
Junos OS Evolved=17.4-r2-s6
Junos OS Evolved=17.4-r2-s7
Junos OS Evolved=17.4-r2-s8
Junos OS Evolved=17.4-r2-s9
Junos OS Evolved=17.4-r3
Junos OS Evolved=17.4-r3-s1
Junos OS Evolved=18.1
Junos OS Evolved=18.1-r1
Junos OS Evolved=18.1-r2
Junos OS Evolved=18.1-r2-s1
Junos OS Evolved=18.1-r2-s2
Junos OS Evolved=18.1-r2-s4
Junos OS Evolved=18.1-r3
Junos OS Evolved=18.1-r3-s1
Junos OS Evolved=18.1-r3-s10
Junos OS Evolved=18.1-r3-s2
Junos OS Evolved=18.1-r3-s3
Junos OS Evolved=18.1-r3-s4
Junos OS Evolved=18.1-r3-s5
Junos OS Evolved=18.1-r3-s6
Junos OS Evolved=18.1-r3-s7
Junos OS Evolved=18.1-r3-s8
Junos OS Evolved=18.1-r3-s9
Junos OS Evolved=18.2
Junos OS Evolved=18.2-r1
Junos OS Evolved=18.2-r1-s2
Junos OS Evolved=18.2-r1-s3
Junos OS Evolved=18.2-r1-s4
Junos OS Evolved=18.2-r1-s5
Junos OS Evolved=18.2-r2
Junos OS Evolved=18.2-r2-s1
Junos OS Evolved=18.2-r2-s2
Junos OS Evolved=18.2-r2-s3
Junos OS Evolved=18.2-r2-s4
Junos OS Evolved=18.2-r2-s5
Junos OS Evolved=18.2-r2-s6
Junos OS Evolved=18.2-r2-s7
Junos OS Evolved=18.2-r3
Junos OS Evolved=18.2-r3-s1
Junos OS Evolved=18.2-r3-s2
Junos OS Evolved=18.2-r3-s3
Junos OS Evolved=18.2-r3-s4
Junos OS Evolved=18.3
Junos OS Evolved=18.3-r1
Junos OS Evolved=18.3-r1-s1
Junos OS Evolved=18.3-r1-s2
Junos OS Evolved=18.3-r1-s3
Junos OS Evolved=18.3-r1-s4
Junos OS Evolved=18.3-r1-s5
Junos OS Evolved=18.3-r1-s6
Junos OS Evolved=18.3-r2
Junos OS Evolved=18.3-r2-s1
Junos OS Evolved=18.3-r2-s2
Junos OS Evolved=18.3-r2-s3
Junos OS Evolved=18.3-r2-s4
Junos OS Evolved=18.3-r3
Junos OS Evolved=18.3-r3-s1
Junos OS Evolved=18.3-r3-s2
Junos OS Evolved=18.4
Junos OS Evolved=18.4-r1
Junos OS Evolved=18.4-r1-s1
Junos OS Evolved=18.4-r1-s2
Junos OS Evolved=18.4-r1-s3
Junos OS Evolved=18.4-r1-s4
Junos OS Evolved=18.4-r1-s5
Junos OS Evolved=18.4-r1-s6
Junos OS Evolved=18.4-r1-s7
Junos OS Evolved=18.4-r2
Junos OS Evolved=18.4-r2-s1
Junos OS Evolved=18.4-r2-s2
Junos OS Evolved=18.4-r2-s3
Junos OS Evolved=18.4-r2-s4
Junos OS Evolved=18.4-r3
Junos OS Evolved=18.4-r3-s1
Junos OS Evolved=18.4-r3-s2
Junos OS Evolved=18.4-r3-s3
Junos OS Evolved=19.1
Junos OS Evolved=19.1-r1
Junos OS Evolved=19.1-r1-s1
Junos OS Evolved=19.1-r1-s2
Junos OS Evolved=19.1-r1-s3
Junos OS Evolved=19.1-r1-s4
Junos OS Evolved=19.1-r1-s5
Junos OS Evolved=19.1-r2
Junos OS Evolved=19.1-r2-s1
Junos OS Evolved=19.1-r3
Junos OS Evolved=19.1-r3-s1
Junos OS Evolved=19.2
Junos OS Evolved=19.2-r1
Junos OS Evolved=19.2-r1-s1
Junos OS Evolved=19.2-r1-s2
Junos OS Evolved=19.2-r1-s3
Junos OS Evolved=19.2-r1-s4
Junos OS Evolved=19.2-r1-s5
Junos OS Evolved=19.2-r2
Junos OS Evolved=19.2-r2-s1
Junos OS Evolved=19.3
Junos OS Evolved=19.3-r1
Junos OS Evolved=19.3-r1-s1
Junos OS Evolved=19.3-r2
Junos OS Evolved=19.3-r2-s1
Junos OS Evolved=19.3-r2-s2
Junos OS Evolved=19.3-r2-s3
Junos OS Evolved=19.3-r2-s4
Junos OS Evolved=19.3-r2-s5
Junos OS Evolved=19.4-r1
Junos OS Evolved=19.4-r1-s1
Junos OS Evolved=19.4-r1-s2
Junos OS Evolved=19.4-r2
Junos OS Evolved=19.4-r2-s1
Junos OS Evolved=19.4-r2-s2
Junos OS Evolved=19.4-r2-s3
Junos OS Evolved=20.1-r1
Junos OS Evolved=20.1-r1-s1
Junos OS Evolved=20.1-r1-s2
Junos OS Evolved=20.1-r1-s3
Junos OS Evolved=20.1-r1-s4
Juniper QFX10002
Juniper QFX10002
Juniper QFX10002
Juniper Networks QFX-Series
Juniper Networks QFX-Series

Remedy

The following software releases have been updated to resolve this specific issue: 17.3R3-S9, 17.4R3-S2, 18.1R3-S11, 18.2R3-S5, 18.3R3-S3, 18.4R2-S5, 18.4R3-S4, 19.1R3-S2, 19.2R3, 19.3R3, 19.4R3, 20.1R2, 20.2R1, and all subsequent releases.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-0272?

    The severity of CVE-2021-0272 is categorized as critical due to its potential to cause a Denial of Service (DoS).

  • Which devices are affected by CVE-2021-0272?

    CVE-2021-0272 affects several models including QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, and QFX10016 devices running certain versions of Junos OS.

  • How do I fix CVE-2021-0272?

    To fix CVE-2021-0272, you should upgrade to the patched version of Junos OS as recommended by Juniper Networks.

  • What types of attacks can exploit CVE-2021-0272?

    CVE-2021-0272 can be exploited through the sending of crafted packets that lead to a kernel memory leak and cause a Denial of Service.

  • Does CVE-2021-0272 require user interaction to be exploited?

    No, CVE-2021-0272 does not require user interaction; the vulnerability can be exploited remotely.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203