An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
If an attacker sends high rate of specific ICMP traffic to a device with VXLAN configured, this causes a deadlock of the PFE and results in the device becoming unresponsive. A manual restart will be required to recover the device.
This issue only affects EX4100, EX4400, EX4600, QFX5000 Series devices.
This issue affects:
Juniper Networks Junos OS
The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Junos | Juniper | 21.4-r3 (including) | 21.4-r3 (including) |
Junos | Juniper | 21.4-r3-s1 (including) | 21.4-r3-s1 (including) |
Junos | Juniper | 21.4-r3-s2 (including) | 21.4-r3-s2 (including) |
Junos | Juniper | 21.4-r3-s3 (including) | 21.4-r3-s3 (including) |
Junos | Juniper | 22.1-r3 (including) | 22.1-r3 (including) |
Junos | Juniper | 22.1-r3-s1 (including) | 22.1-r3-s1 (including) |
Junos | Juniper | 22.1-r3-s2 (including) | 22.1-r3-s2 (including) |
Junos | Juniper | 22.2-r2 (including) | 22.2-r2 (including) |
Junos | Juniper | 22.2-r2-s1 (including) | 22.2-r2-s1 (including) |
Junos | Juniper | 22.2-r2-s2 (including) | 22.2-r2-s2 (including) |
Junos | Juniper | 22.2-r3 (including) | 22.2-r3 (including) |
Junos | Juniper | 22.3 (including) | 22.3 (including) |
Junos | Juniper | 22.3-r1 (including) | 22.3-r1 (including) |
Junos | Juniper | 22.3-r1-s1 (including) | 22.3-r1-s1 (including) |
Junos | Juniper | 22.3-r1-s2 (including) | 22.3-r1-s2 (including) |
Junos | Juniper | 22.3-r2 (including) | 22.3-r2 (including) |
Junos | Juniper | 22.3-r2-s1 (including) | 22.3-r2-s1 (including) |
Junos | Juniper | 22.4 (including) | 22.4 (including) |
Junos | Juniper | 22.4-r1 (including) | 22.4-r1 (including) |
Junos | Juniper | 22.4-r1-s1 (including) | 22.4-r1-s1 (including) |
Junos | Juniper | 22.4-r1-s2 (including) | 22.4-r1-s2 (including) |
Junos | Juniper | 23.1-r1 (including) | 23.1-r1 (including) |
Often, complex inputs are expected to follow a particular syntax, which is either assumed by the input itself, or declared within metadata such as headers. The syntax could be for data exchange formats, markup languages, or even programming languages. When untrusted input is not properly validated for the expected syntax, attackers could cause parsing failures, trigger unexpected errors, or expose latent vulnerabilities that might not be directly exploitable if the input had conformed to the syntax.