CVE-2018-0022

CVSS V2 High 7.8 CVSS V3 High 7.5

Description

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number of mbufs that are currently in use and maximum number of mbufs that can be allocated on a platform: > show system buffers 2437/3143/5580 mbufs in use (current/cache/total) Once the device runs out of mbufs it will become inaccessible and a restart will be required. This issue only affects end devices, transit devices are not affected. Affected releases are Juniper Networks Junos OS with VPLS configured running: 12.1X46 versions prior to 12.1X46-D76; 12.3X48 versions prior to 12.3X48-D66, 12.3X48-D70; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D47; 14.2 versions prior to 14.2R8; 15.1 versions prior to 15.1F2-S19, 15.1F6-S10, 15.1R4-S9, 15.1R5-S7, 15.1R6-S4, 15.1R7; 15.1X49 versions prior to 15.1X49-D131, 15.1X49-D140; 15.1X53 versions prior to 15.1X53-D58 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471 on NFX; 15.1X53 versions prior to 15.1X53-D66 on QFX10; 16.1 versions prior to 16.1R3-S8, 16.1R4-S6, 16.1R5; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S6, 17.1R3; 17.2 versions prior to 17.2R1-S5, 17.2R2.

Overview

CVE ID
CVE-2018-0022

Assigner
sirt@juniper.net

Vulnerability Status
Modified

Published Version
2018-04-11T19:29:00

Last Modified Date
2019-10-09T23:30:59

Weakness Enumerations

CWE	URL
CWE-400	http://cwe.mitre.org/data/definitions/400.html

CPE Configuration (Product)

CPE	Vulnerable	Operator
		AND
cpe:2.3:o:juniper:junos:15.1x49:::::::*	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d10::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d100::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d110::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d120::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d130::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d20::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d30::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d35::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d40::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d45::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d50::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d55::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d60::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d65::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d70::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d75::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d80::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x49:d90::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:14.1:::::::*	1	OR
cpe:2.3:o:juniper:junos:14.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos:14.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos:14.1:r3::::::	1	OR
cpe:2.3:o:juniper:junos:14.1:r4::::::	1	OR
cpe:2.3:o:juniper:junos:14.1:r5::::::	1	OR
cpe:2.3:o:juniper:junos:14.1:r6::::::	1	OR
cpe:2.3:o:juniper:junos:14.1:r7::::::	1	OR
cpe:2.3:o:juniper:junos:14.1:r8::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:14.1x53:::::::*	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d15::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d16::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d25::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d26::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d27::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d30::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d35::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d40::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d42::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d43::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d44::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d45::::::	1	OR
cpe:2.3:o:juniper:junos:14.1x53:d46::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:15.1x53:::::::*	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d10::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d20::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d21::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d30::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d32::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d33::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d34::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d50::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d51::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d52::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d55::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d57::::::	1	OR
cpe:2.3:h:juniper:ex2300:-:::::::*	0	OR
cpe:2.3:h:juniper:ex3400:-:::::::*	0	OR
		AND
cpe:2.3:o:juniper:junos:16.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos:16.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos:16.1:r3::::::	1	OR
cpe:2.3:o:juniper:junos:16.1:r4::::::	1	OR
cpe:2.3:o:juniper:junos:16.1:r5::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:16.2:r1::::::	1	OR
cpe:2.3:o:juniper:junos:16.2:r2::::::	1	OR
cpe:2.3:o:juniper:junos:16.2:r3::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:17.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos:17.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos:17.1:r3::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:15.1:::::::*	1	OR
cpe:2.3:o:juniper:junos:15.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:r3::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:r4::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:r6::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:12.1x46:::::::*	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d10::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d15::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d20::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d25::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d30::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d35::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d40::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d45::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d50::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d55::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d60::::::	1	OR
cpe:2.3:o:juniper:junos:12.1x46:d65::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:12.3x48:::::::*	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d10::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d15::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d20::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d25::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d30::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d35::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d40::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d45::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d50::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d55::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d60::::::	1	OR
cpe:2.3:o:juniper:junos:12.3x48:d65::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:14.2:::::::*	1	OR
cpe:2.3:o:juniper:junos:14.2:r1::::::	1	OR
cpe:2.3:o:juniper:junos:14.2:r2::::::	1	OR
cpe:2.3:o:juniper:junos:14.2:r3::::::	1	OR
cpe:2.3:o:juniper:junos:14.2:r4::::::	1	OR
cpe:2.3:o:juniper:junos:14.2:r5::::::	1	OR
cpe:2.3:o:juniper:junos:14.2:r6::::::	1	OR
cpe:2.3:o:juniper:junos:14.2:r7::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:15.1:::::::*	1	OR
cpe:2.3:o:juniper:junos:15.1:f1::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:f2::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:f3::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:f4::::::	1	OR
cpe:2.3:o:juniper:junos:15.1:f6::::::	1	OR
		AND
cpe:2.3:o:juniper:junos:15.1x53:::::::*	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d10::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d20::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d21::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d210::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d230::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d231::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d232::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d30::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d32::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d33::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d34::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d50::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d51::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d52::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d55::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d57::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d58::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d60::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d61::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d62::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d63::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d64::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d65::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d66::::::	1	OR
cpe:2.3:h:juniper:qfx5110:-:::::::*	0	OR
cpe:2.3:h:juniper:qfx5200:-:::::::*	0	OR
		AND
cpe:2.3:o:juniper:junos:15.1x53:::::::*	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d10::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d20::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d21::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d210::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d230::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d231::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d232::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d233::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d30::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d32::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d33::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d34::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d470::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d50::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d51::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d52::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d55::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d57::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d58::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d60::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d61::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d62::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d63::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d64::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d65::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d66::::::	1	OR
cpe:2.3:h:juniper:nfx150:-:::::::*	0	OR
cpe:2.3:h:juniper:nfx250:-:::::::*	0	OR
		AND
cpe:2.3:o:juniper:junos:15.1x53:::::::*	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d10::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d20::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d21::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d30::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d32::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d33::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d34::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d50::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d51::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d52::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d55::::::	1	OR
cpe:2.3:o:juniper:junos:15.1x53:d57::::::	1	OR
cpe:2.3:h:juniper:qfx10:-:::::::*	0	OR
		AND
cpe:2.3:o:juniper:junos:17.2:r1::::::	1	OR
cpe:2.3:o:juniper:junos:17.2:r2::::::	1	OR

CVSS Version 2

Version
2.0

Vector String
AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector
NETWORK

Access Compatibility
LOW

Authentication
NONE

Confidentiality Impact
NONE

Integrity Impact
NONE

Availability Impact
COMPLETE

Base Score
7.8

Severity
HIGH

Exploitability Score
10

Impact Score
6.9

CVSS Version 3

Version
3.0

Vector String
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector
NETWORK

Attack Compatibility
LOW

Privileges Required
NONE

User Interaction
NONE

Scope
UNCHANGED

Confidentiality Impact
NONE

Availability Impact
HIGH

Base Score
7.5

Base Severity
HIGH

Exploitability Score
3.9

Impact Score
3.6

References

Reference URL	Reference Tags
https://kb.juniper.net/JSA10855	Vendor Advisory
http://www.securityfocus.com/bid/103740	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040790	Third Party Advisory VDB Entry

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2018-0022
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0022

History

Created	Old Value	New Value	Data Type	Notes
2022-05-10 17:08:10				Added to TrackCVE
2022-12-03 04:40:51	2018-04-11T19:29Z	2018-04-11T19:29:00	CVE Published Date	updated
2022-12-03 04:40:51		2019-10-09T23:30:59	CVE Modified Date	updated
2022-12-03 04:40:51		Modified	Vulnerability Status	updated