CVE-2021-0254
Description
A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service (DoS) condition, or leading to remote code execution (RCE). Continued receipt and processing of these packets will sustain the partial DoS. The overlayd daemon handles Overlay OAM packets, such as ping and traceroute, sent to the overlay. The service runs as root by default and listens for UDP connections on port 4789. This issue results from improper buffer size validation, which can lead to a buffer overflow. Unauthenticated attackers can send specially crafted packets to trigger this vulnerability, resulting in possible remote code execution. overlayd runs by default in MX Series, ACX Series, and QFX Series platforms. The SRX Series does not support VXLAN and is therefore not vulnerable to this issue. Other platforms are also vulnerable if a Virtual Extensible LAN (VXLAN) overlay network is configured. This issue affects Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1.
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are fixed in junos 15.1R7-S9 | NCM |
| Multiple Vulnerabilities are fixed in junos 17.3R3-S11 | NCM |
| Vulnerabilities CVE-2021-0224,CVE-2021-0254,CVE-2021-0255,CVE-2021-0256 are fixed in junos 17.4R2-S13 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.1R3-S12 | NCM |
| Vulnerabilities CVE-2021-0254,CVE-2021-0255,CVE-2021-0256,CVE-2021-0259 are fixed in junos 18.2R2-S8 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.3R3-S4 | NCM |
| Vulnerabilities CVE-2021-0254,CVE-2021-0259,CVE-2021-0260 are fixed in junos 18.4R1-S8 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.1R2-S2 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.2R1-S6 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.3R3-S1 | NCM |
| Vulnerabilities CVE-2021-0235,CVE-2021-0254,CVE-2021-0259,CVE-2021-0263 are fixed in junos 19.4R2-S4 | NCM |
| Vulnerabilities CVE-2021-0254 are fixed in junos 20.1R2-S1 | NCM |
| Multiple Vulnerabilities are fixed in junos 20.2R2 | NCM |
| Vulnerabilities CVE-2021-0254 are fixed in junos 20.3R1-S1. | NCM |
| Incorrect Calculation of Buffer Size Vulnerability (CVE-2021-0254) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234