juniper junos 未加控制的资源消耗(资源穷尽)
CVE编号
CVE-2021-31368利用情况
暂无补丁情况
N/A披露时间
2021-10-20漏洞描述
An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks JUNOS OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. Continued receipted of a flood will create a sustained Denial of Service (DoS) condition. Once the flood subsides the system will recover by itself. An indication that the system is affected by this issue would be that kernel and netisr process are shown to be using a lot of CPU cycles like in the following example output: user@host> show system processes extensive ... PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 16 root -72 - 0K 304K WAIT 1 839:40 88.96% intr{swi1: netisr 0} 0 root 97 - 0K 160K RUN 1 732:43 87.99% kernel{bcm560xgmac0 que} This issue affects Juniper Networks JUNOS OS on EX2300 Series, EX3400 Series, and ACX710: All versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S9; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2.解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| https://kb.juniper.net/JSA11230 |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | * | Up to (excluding) 18.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 18.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 18.2 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 18.3 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 18.4 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 19.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 19.2 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 19.3 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 19.4 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 20.1 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 20.2 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 20.3 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | juniper | junos | 20.4 | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | juniper | acx710 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | juniper | ex2300 | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | juniper | ex2300-c | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | juniper | ex2300m | - | - | |||||
| 运行在以下环境 | |||||||||
| 硬件 | juniper | ex3400 | - | - | |||||
- 攻击路径 网络
- 攻击复杂度 低
- 权限要求 无
- 影响范围 未更改
- 用户交互 无
- 可用性 高
- 保密性 无
- 完整性 无
| CWE-ID | 漏洞类型 |
| CWE-400 | 未加控制的资源消耗(资源穷尽) |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论