CVE-2021-31383: Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various crafted packets causes RPD to core.
First published: Tue Oct 19 2021(Updated: )
In Point to MultiPoint (P2MP) scenarios within established sessions between network or adjacent neighbors the improper use of a source to destination copy write operation combined with a Stack-based Buffer Overflow on certain specific packets processed by the routing protocol daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved sent by a remote unauthenticated network attacker causes the RPD to crash causing a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.2R1. Juniper Networks Junos OS Evolved 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Junos OS Evolved | =19.2 | |
| Junos OS Evolved | =19.2-r1 | |
| Junos OS Evolved | =19.2-r1-s1 | |
| Junos OS Evolved | =19.2-r1-s2 | |
| Junos OS Evolved | =19.2-r1-s3 | |
| Junos OS Evolved | =19.2-r1-s4 | |
| Junos OS Evolved | =19.2-r1-s5 | |
| Junos OS Evolved | =19.2-r1-s6 | |
| Junos OS Evolved | =19.2-r2 | |
| Junos OS Evolved | =19.2-r2-s1 | |
| Junos OS Evolved | =19.2-r3 | |
| Junos OS Evolved | =19.2-r3-s1 | |
| Junos OS Evolved | =19.3 | |
| Junos OS Evolved | =19.3-r1 | |
| Junos OS Evolved | =19.3-r1-s1 | |
| Junos OS Evolved | =19.3-r2 | |
| Junos OS Evolved | =19.3-r2-s1 | |
| Junos OS Evolved | =19.3-r2-s2 | |
| Junos OS Evolved | =19.3-r2-s3 | |
| Junos OS Evolved | =19.3-r2-s4 | |
| Junos OS Evolved | =19.3-r2-s5 | |
| Junos OS Evolved | =19.3-r3 | |
| Junos OS Evolved | =19.3-r3-s1 | |
| Junos OS Evolved | =19.4-r1 | |
| Junos OS Evolved | =19.4-r1-s1 | |
| Junos OS Evolved | =19.4-r1-s2 | |
| Junos OS Evolved | =19.4-r1-s3 | |
| Junos OS Evolved | =19.4-r2 | |
| Junos OS Evolved | =19.4-r2-s1 | |
| Junos OS Evolved | =19.4-r2-s2 | |
| Junos OS Evolved | =19.4-r2-s3 | |
| Junos OS Evolved | =19.4-r3 | |
| Junos OS Evolved | =19.4-r3-s1 | |
| Junos OS Evolved | =19.4-r3-s2 | |
| Junos OS Evolved | =20.1-r1 | |
| Junos OS Evolved | =20.1-r1-s1 | |
| Junos OS Evolved | =20.1-r1-s2 | |
| Junos OS Evolved | =20.1-r1-s3 | |
| Junos OS Evolved | =20.1-r1-s4 | |
| Junos OS Evolved | =20.1-r2 | |
| Junos OS Evolved | =20.1-r2-s1 | |
| Junos OS Evolved | =20.2-r1 | |
| Junos OS Evolved | =20.2-r1-s1 | |
| Junos OS Evolved | =20.2-r1-s2 | |
| Junos OS Evolved | =20.2-r1-s3 | |
| Junos OS Evolved | =20.2-r2 | |
| Junos OS Evolved | =20.2-r2-s1 | |
| Junos OS Evolved | =20.2-r2-s2 | |
| Junos OS Evolved | =20.3-r1 | |
| Junos OS Evolved | =20.3-r1-s1 | |
| Juniper JUNOS | =20.1 | |
| Juniper JUNOS | =20.1-r1 | |
| Juniper JUNOS | =20.1-r1-s1 | |
| Juniper JUNOS | =20.1-r2 | |
| Juniper JUNOS | =20.1-r2-s1 | |
| Juniper JUNOS | =20.1-r2-s2 | |
| Juniper JUNOS | =20.1-r2-s3 | |
| Juniper JUNOS | =20.1-r2-s4 | |
| Juniper JUNOS | =20.1-r2-s5 | |
| Juniper JUNOS | =20.2 | |
| Juniper JUNOS | =20.2-r1 | |
| Juniper JUNOS | =20.2-r1-s1 | |
| Juniper JUNOS | =20.2-r2 | |
| Juniper JUNOS | =20.2-r2-s1 | |
| Juniper JUNOS | =20.3 | |
| Juniper JUNOS | =20.3-r1 | |
| Juniper JUNOS | =20.3-r1-s1 | |
| Juniper JUNOS | =20.3-r1-s2 | |
| Juniper JUNOS | =20.3-r1-s3 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS: 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases. Junos OS Evolved: 20.1R3-EVO, 20.2R3-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-31383?
CVE-2021-31383 has been classified as a critical severity vulnerability due to its potential to cause a stack-based buffer overflow.
How do I fix CVE-2021-31383?
To fix CVE-2021-31383, update your Juniper JUNOS software to the latest patched version that addresses this vulnerability.
What are the affected versions associated with CVE-2021-31383?
CVE-2021-31383 affects Juniper JUNOS versions including 19.2, 19.3, 19.4, and 20.1 as well as various sub-releases.
What types of systems are vulnerable to CVE-2021-31383?
Systems utilizing Juniper JUNOS software in Point to MultiPoint scenarios can be vulnerable to CVE-2021-31383.
Can CVE-2021-31383 be exploited remotely?
Yes, CVE-2021-31383 can be exploited remotely under specific conditions related to packet processing in the routing protocol daemon.
- agent/type
- agent/author
- agent/weakness
- agent/references
- agent/title
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/junos os evolved
- version/junos os evolved/19.2
- version/junos os evolved/19.2-r1
- version/junos os evolved/19.2-r1-s1
- version/junos os evolved/19.2-r1-s2
- version/junos os evolved/19.2-r1-s3
- version/junos os evolved/19.2-r1-s4
- version/junos os evolved/19.2-r1-s5
- version/junos os evolved/19.2-r1-s6
- version/junos os evolved/19.2-r2
- version/junos os evolved/19.2-r2-s1
- version/junos os evolved/19.2-r3
- version/junos os evolved/19.2-r3-s1
- version/junos os evolved/19.3
- version/junos os evolved/19.3-r1
- version/junos os evolved/19.3-r1-s1
- version/junos os evolved/19.3-r2
- version/junos os evolved/19.3-r2-s1
- version/junos os evolved/19.3-r2-s2
- version/junos os evolved/19.3-r2-s3
- version/junos os evolved/19.3-r2-s4
- version/junos os evolved/19.3-r2-s5
- version/junos os evolved/19.3-r3
- version/junos os evolved/19.3-r3-s1
- version/junos os evolved/19.4-r1
- version/junos os evolved/19.4-r1-s1
- version/junos os evolved/19.4-r1-s2
- version/junos os evolved/19.4-r1-s3
- version/junos os evolved/19.4-r2
- version/junos os evolved/19.4-r2-s1
- version/junos os evolved/19.4-r2-s2
- version/junos os evolved/19.4-r2-s3
- version/junos os evolved/19.4-r3
- version/junos os evolved/19.4-r3-s1
- version/junos os evolved/19.4-r3-s2
- version/junos os evolved/20.1-r1
- version/junos os evolved/20.1-r1-s1
- version/junos os evolved/20.1-r1-s2
- version/junos os evolved/20.1-r1-s3
- version/junos os evolved/20.1-r1-s4
- version/junos os evolved/20.1-r2
- version/junos os evolved/20.1-r2-s1
- version/junos os evolved/20.2-r1
- version/junos os evolved/20.2-r1-s1
- version/junos os evolved/20.2-r1-s2
- version/junos os evolved/20.2-r1-s3
- version/junos os evolved/20.2-r2
- version/junos os evolved/20.2-r2-s1
- version/junos os evolved/20.2-r2-s2
- version/junos os evolved/20.3-r1
- version/junos os evolved/20.3-r1-s1
- canonical/juniper junos
- version/juniper junos/20.1
- version/juniper junos/20.1-r1
- version/juniper junos/20.1-r1-s1
- version/juniper junos/20.1-r2
- version/juniper junos/20.1-r2-s1
- version/juniper junos/20.1-r2-s2
- version/juniper junos/20.1-r2-s3
- version/juniper junos/20.1-r2-s4
- version/juniper junos/20.1-r2-s5
- version/juniper junos/20.2
- version/juniper junos/20.2-r1
- version/juniper junos/20.2-r1-s1
- version/juniper junos/20.2-r2
- version/juniper junos/20.2-r2-s1
- version/juniper junos/20.3
- version/juniper junos/20.3-r1
- version/juniper junos/20.3-r1-s1
- version/juniper junos/20.3-r1-s2
- version/juniper junos/20.3-r1-s3