Vulnerability Description
A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. Continued receipt and processing of the crafted ARP packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series. 12.3 versions prior to 12.3R12-S17; 15.1 versions prior to 15.1R7-S8. This issue only affects the listed Marvell-chipset based EX Series devices. No other products or platforms are affected.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 12.3 |
| Juniper | Ex2200-C | - |
| Juniper | Ex3200 | - |
| Juniper | Ex3300 | - |
| Juniper | Ex4200 | - |
| Juniper | Ex4500 | - |
| Juniper | Ex4550 | - |
| Juniper | Ex6210 | - |
| Juniper | Ex8208 | - |
| Juniper | Ex8216 | - |
Related Weaknesses (CWE)
References
- https://kb.juniper.net/JSA11162Vendor Advisory
- https://kb.juniper.net/JSA11162Vendor Advisory
FAQ
What is CVE-2021-0271?
CVE-2021-0271 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sendin...
How severe is CVE-2021-0271?
CVE-2021-0271 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-0271?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ex2200-C, Juniper Ex3200, Juniper Ex3300, Juniper Ex4200.