Vulnerability Details : CVE-2020-1679

CVE Name: CVE-2020-1679: Other vulnerability on Juniper Junos, Juniper Qfx5110, Juniper Qfx10002, Juniper Qfx10016, Juniper Qfx10008, Juniper Qfx5100, Juniper Qfx5200, Juniper Qfx5120, Juniper Qfx5210, Juniper Ptx1000, Juniper Ptx10001 36Mr, Juniper Ptx100016, Juniper Ptx10002, Juniper Ptx10003, Juniper Ptx10004, Juniper Ptx10008, Juniper Ptx3000, Juniper Ptx5000, Juniper Qfx5130, Juniper Qfx5220
Description: On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. KRT is the module within the Routing Process Daemon (RPD) that synchronized the routing tables with the forwarding tables in the kernel. This table is then synchronized to the Packet Forwarding Engine (PFE) via the KRT queue. Thus, when KRT queue become stuck, it can lead to unexpected packet forwarding issues. An administrator can monitor the following command to check if there is the KRT queue is stuck: [email protected] > show krt state ... Number of async queue entries: 65007 <--- this value keep on increasing. When this issue occurs, the following message might appear in the /var/log/messages: DATE DEVICE kernel: %KERN-3: rt_pfe_veto: Too many delayed route/nexthop unrefs. Op 2 err 55, rtsm_id 5:-1, msg type 2 DATE DEVICE kernel: %KERN-3: rt_pfe_veto: Memory usage of M_RTNEXTHOP type = (0) Max size possible for M_RTNEXTHOP type = (7297134592) Current delayed unref = (60000), Current unique delayed unref = (18420), Max delayed unref on this platform = (40000) Current delayed weight unref = (60000) Max delayed weight unref on this platform= (400000) curproc = rpd This issue affects Juniper Networks Junos OS on PTX/QFX Series: 17.2X75 versions prior to 17.2X75-D105; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S5; 18.2X75 versions prior to 18.2X75-D420, 18.2X75-D53, 18.2X75-D65; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R1-S7, 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R2-S2, 19.1R3-S2; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2-S1, 19.4R3; 20.1 versions prior to 20.1R1-S2, 20.1R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1.
Publish date: 2020-10-16T21:15Z
Last Update: 2022-08-05T19:29Z

CVSS Scores & Vulnerability Types

CVSS Score
7.5
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactHIGH
Actack VectorNETWORK
Actack ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
ScopeUNCHANGED
Vulnerability Type(s)Other
CWE IDN/I

Products Affected By CVE-2020-1679

Detail of Verions Affected

# Product Type Vendor Product Version
1 Operating System Juniper Junos 17.2X75
2 Operating System Juniper Junos 17.2X75 D50
3 Operating System Juniper Junos 18.1 R1
4 Operating System Juniper Junos 18.1 R3
5 Operating System Juniper Junos 18.1 R2
6 Operating System Juniper Junos 18.2 R1
7 Operating System Juniper Junos 17.2X75 D70
8 Operating System Juniper Junos 17.2X75 D102
9 Operating System Juniper Junos 18.2
10 Operating System Juniper Junos 17.2X75
11 Operating System Juniper Junos 17.2X75 D92
12 Operating System Juniper Junos 18.1
13 Operating System Juniper Junos 18.1 R2 S1
14 Operating System Juniper Junos 18.1 R2 S2
15 Operating System Juniper Junos 18.1 R2 S4
16 Operating System Juniper Junos 18.1 R3 S2
17 Operating System Juniper Junos 18.1 R3 S3
18 Operating System Juniper Junos 18.1 R3 S4
19 Operating System Juniper Junos 18.2 R1 S3
20 Operating System Juniper Junos 18.2 R2 S1
21 Operating System Juniper Junos 18.2 R2 S2
22 Operating System Juniper Junos 18.2X75
23 Operating System Juniper Junos 18.2X75 D20
24 Operating System Juniper Junos 18.3 R1
25 Operating System Juniper Junos 18.3 R1 S1
26 Operating System Juniper Junos 18.3 R2
27 Operating System Juniper Junos 18.4 R1
28 Operating System Juniper Junos 18.1 R3 S1
29 Operating System Juniper Junos 18.1 R3 S6
30 Operating System Juniper Junos 18.1 R3 S7
31 Operating System Juniper Junos 18.2 R1
32 Operating System Juniper Junos 18.2 R1 S4
33 Operating System Juniper Junos 18.2 R1 S5
34 Operating System Juniper Junos 18.2 R2
35 Operating System Juniper Junos 18.2 R2 S3
36 Operating System Juniper Junos 18.2 R2 S4
37 Operating System Juniper Junos 18.2 R2 S5
38 Operating System Juniper Junos 18.2 R2 S6
39 Operating System Juniper Junos 18.2 R3
40 Operating System Juniper Junos 18.2 R3 S1
41 Operating System Juniper Junos 18.2X75 D40
42 Operating System Juniper Junos 18.3
43 Operating System Juniper Junos 18.3 R1 S2
44 Operating System Juniper Junos 18.3 R1 S3
45 Operating System Juniper Junos 18.3 R1 S5
46 Operating System Juniper Junos 18.3 R2 S1
47 Operating System Juniper Junos 18.3 R2 S2
48 Operating System Juniper Junos 18.4
49 Operating System Juniper Junos 18.4 R1 S1
50 Operating System Juniper Junos 18.4 R1 S2
51 Operating System Juniper Junos 18.4 R1 S5
52 Operating System Juniper Junos 18.4 R2
53 Operating System Juniper Junos 18.4 R2 S1
54 Operating System Juniper Junos 19.1
55 Operating System Juniper Junos 19.1 R1
56 Operating System Juniper Junos 19.1 R1 S1
57 Operating System Juniper Junos 19.1 R1 S2
58 Operating System Juniper Junos 19.1 R1 S3
59 Operating System Juniper Junos 19.2 R1
60 Operating System Juniper Junos 19.2 R1 S1
61 Operating System Juniper Junos 19.2 R1 S2
62 Operating System Juniper Junos 19.3
63 Operating System Juniper Junos 19.3 R1
64 Operating System Juniper Junos 18.1 R3 S10
65 Operating System Juniper Junos 18.1 R3 S8
66 Operating System Juniper Junos 18.1 R3 S9
67 Operating System Juniper Junos 18.2 R3 S2
68 Operating System Juniper Junos 18.2 R3 S3
69 Operating System Juniper Junos 18.2 R3 S4
70 Operating System Juniper Junos 18.2X75 D12
71 Operating System Juniper Junos 18.2X75 D30
72 Operating System Juniper Junos 18.2X75 D411
73 Operating System Juniper Junos 18.2X75 D51
74 Operating System Juniper Junos 18.3 R1 S6
75 Operating System Juniper Junos 18.3 R2 S3
76 Operating System Juniper Junos 18.3 R3
77 Operating System Juniper Junos 18.3 R3 S1
78 Operating System Juniper Junos 18.3 R3 S2
79 Operating System Juniper Junos 18.4 R1 S6
80 Operating System Juniper Junos 18.4 R2 S2
81 Operating System Juniper Junos 18.4 R2 S3
82 Operating System Juniper Junos 18.4 R2 S4
83 Operating System Juniper Junos 18.4 R3
84 Operating System Juniper Junos 18.4 R3 S1
85 Operating System Juniper Junos 18.4 R3 S2
86 Operating System Juniper Junos 18.4 R3 S3
87 Operating System Juniper Junos 19.1 R1 S4
88 Operating System Juniper Junos 19.1 R2
89 Operating System Juniper Junos 19.1 R2 S1
90 Operating System Juniper Junos 19.1 R3
91 Operating System Juniper Junos 19.1 R3 S1
92 Operating System Juniper Junos 19.2
93 Operating System Juniper Junos 19.2 R1 S3
94 Operating System Juniper Junos 19.2 R1 S4
95 Operating System Juniper Junos 19.3 R1 S1
96 Operating System Juniper Junos 19.3 R2
97 Operating System Juniper Junos 19.3 R2 S1
98 Operating System Juniper Junos 19.3 R2 S2
99 Operating System Juniper Junos 19.4 R1
100 Operating System Juniper Junos 19.4 R1 S1
101 Operating System Juniper Junos 19.4 R2
102 Operating System Juniper Junos 20.1 R1
103 Operating System Juniper Junos 20.1 R1 S1
104 Hardware Juniper Qfx5110
105 Hardware Juniper Qfx10002
106 Hardware Juniper Qfx10016
107 Hardware Juniper Qfx10008
108 Hardware Juniper Qfx5100
109 Hardware Juniper Qfx5200
110 Hardware Juniper Qfx5120
111 Hardware Juniper Qfx5210
112 Hardware Juniper Ptx1000
113 Hardware Juniper Ptx10001 36Mr
114 Hardware Juniper Ptx100016
115 Hardware Juniper Ptx10002
116 Hardware Juniper Ptx10003
117 Hardware Juniper Ptx10004
118 Hardware Juniper Ptx10008
119 Hardware Juniper Ptx3000
120 Hardware Juniper Ptx5000
121 Hardware Juniper Qfx5130
122 Hardware Juniper Qfx5220

References For CVE-2020-1679

Hyperlink Resource
https://kb.juniper.net/JSA11076 Vendor Advisory