Juniper Junos Kernel Crash (vmcore) or FPC Crash (JSA11040)

high Nessus Plugin ID 138905

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, the Junos OS installed on the remote host is affected by a denial of service (DoS) vulnerability. On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine (RE) may cause mbuf leak which can lead to Flexible PIC Concentrator (FPC) crash or the system to crash and restart (vmcore).
This issue can be trigged by IPv4 or IPv6 and it is caused only by TCP packets. This issue is not related to any specific configuration and it affects Junos OS releases starting from 17.4R1. However, this issue does not affect Junos OS releases prior to 18.2R1 when Nonstop active routing (NSR) is configured [edit routing-options nonstop-routing].
The number of mbufs is platform dependent. Once the device runs out of mbufs, the FPC crashes or the vmcore occurs and the device might become inaccessible requiring a manual restart.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported versio number.

Solution

Apply the relevant Junos software release referenced in Juniper advisory JSA11040

See Also

http://www.nessus.org/u?b98f44fc

Plugin Details

Severity: High

ID: 138905

File Name: juniper_jsa11040.nasl

Version: 1.9

Type: combined

Published: 7/24/2020

Updated: 7/20/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2020-1653

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/JUNOS/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 7/8/2020

Vulnerability Publication Date: 7/8/2020

Reference Information

CVE: CVE-2020-1653

IAVA: 2020-A-0320-S

JSA: JSA11040