CVE-2020-1671 – Junos OS: Receipt of malformed DHCPv6 packets causes jdhcpd to crash.
https://notcve.org/view.php?id=CVE-2020-1671
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. This issue only affects DHCPv6, it does not affect DHCPv4. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X75 versions prior to 18.2X75-D65; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.2 version 19.2R2 and later versions; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S3, 20.1R2; This issue does not affect Juniper Networks Junos OS prior to 17.4R1. En las plataformas Juniper Networks Junos OS configuradas como servidor local DHCPv6 o DHCPv6 Relay Agent, el proceso Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) puede bloquearse con un volcado del núcleo si un paquete DHCPv6 malformado es recibido, resultando en el reinicio del demonio. Este problema solo afecta a DHCPv6, no afecta a DHCPv4. • https://kb.juniper.net/JSA11068 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVE-2020-1670 – Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets
https://notcve.org/view.php?id=CVE-2020-1670
On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is connected. This issue occurs when the packets enter to the IRB interface. Only IPv4 packets can trigger this issue. IPv6 packets cannot trigger this issue. • https://kb.juniper.net https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11067&actp=SUBSCRIPTION • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-1668 – Junos OS: EX2300 Series: High CPU load due to receipt of specific multicast packets on layer 2 interface
https://notcve.org/view.php?id=CVE-2020-1668
On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. This issue occurs when multicast packets are received by the layer 2 interface. To check if the device has high CPU load due to this issue, the administrator can issue the following command: user@host> show chassis routing-engine Routing Engine status: ... Idle 2 percent the "Idle" value shows as low (2 % in the example above), and also the following command: user@host> show system processes summary ... PID USERNAME PRI NICE SIZE RES STATE TIME WCPU COMMAND 11639 root 52 0 283M 11296K select 12:15 44.97% eventd 11803 root 81 0 719M 239M RUN 251:12 31.98% fxpc{fxpc} the eventd and the fxpc processes might use higher WCPU percentage (respectively 44.97% and 31.98% in the above example). • https://kb.juniper.net/JSA11065 • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-1667 – Junos OS: MX Series: Services card might restart due to a race condition when DNS filtering is enabled.
https://notcve.org/view.php?id=CVE-2020-1667
When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. Due to this vulnerability, mspmand process, responsible for managing "URL Filtering service", can crash, causing the Services PIC to restart. While the Services PIC is restarting, all PIC services including DNS filtering service (DNS sink holing) will be bypassed until the Services PIC completes its boot process. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S8; 18.3 versions prior to 18.3R3-S1; 18.4 versions prior to 18.4R3; 19.1 versions prior to 19.1R3; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R3. This issue does not affect Juniper Networks Junos OS 17.4, 18.1, and 18.2. • https://kb.juniper.net https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11064&cat=MX_SERIES&actp=LIST • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2020-1665 – Junos OS: MX series/EX9200 Series: IPv6 DDoS protection does not work as expected.
https://notcve.org/view.php?id=CVE-2020-1665
On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting both the Routing Engine (RE) and the Flexible PIC Concentrator (FPC) during the DDoS attack. When this issue occurs, the RE and/or the FPC can become overwhelmed, which could disrupt network protocol operations and/or interrupt traffic. This issue does not affect IPv4 DDoS protection. This issue affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). • https://kb.juniper.net/JSA11062 https://kb.juniper.net/KB25385 • CWE-794: Incomplete Filtering of Multiple Instances of Special Elements •