Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

2013-04 Security Bulletin: Junos: Ethernet traffic with invalid Ether-Type can trigger protocol packet drops on Ichip-based FPCs/DPCs



Article ID: JSA10558 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 5.0
Legacy Advisory Id:
Product Affected:
This issue can affect any Ethernet interface on an Ichip-based FPC or DPC found in systems such as the MX Series, M120, and M320 routers.

Reception of Ethernet packets containing an invalid Ether-Type can cause congestion within a Host Notification Queue on a router with Ichip-based FPCs or DPCs, such as the MX Series routers, the M120 and M320 multiservice edge routers, and the M10i/M7i CFEB-E. This in turn can lead to the dropping of valid protocol traffic from reaching the Routing Engine (RE) and impact certain time-sensitive protocols such as LACP, ISIS, and Ethernet OAM. Once the invalid Ethernet traffic stops, the queues drain and normal operation will continue without intervention.

This issue only affects routers with line cards installed using Ichip-based FPCs and DPCs. Trio-based MPCs and all other routing platforms are unaffected by this issue. Additionally, the impact is limited to the PFE being flooded with invalid Ether-Type traffic. The impact does not span line cards.

Refer to the "MX Series 3D Universal Edge Router Line Card Guide" (link below) for more information about the various port concentrators available for the MX Series, and KB25385 for a mapping of chipset type to PFE module.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

No other Juniper Networks products or platforms are affected by this issue.

All Junos OS software releases built on or after 2013-03-18 have fixes for this specific issue. Releases containing the fix specifically include: 10.4S13, 11.4R7, 11.4X27.42 (MX BBE), 12.1R5-S1, 12.1R6, 12.2R3-S1, 12.2R4, 12.3R1-S1, 12.3R2, 13.1R1, and all subsequent releases (i.e. all releases built after 13.1R1).

Customers can confirm the build date of any Junos OS release by issuing the command 'show version detail'.

This issue is being tracked as PR 822545 for the MX Series and PR 847603 for all other platforms, both of which are visible on the Customer Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies.


No known workaround exists for this issue, although typical security best common practices should limit direct, adjacent access to the router.

How to obtain fixed software:

Security vulnerabilities in Junos are fixed in the next available Maintenance Release of each supported Junos version. In some cases, a Maintenance Release is not planned to be available in an appropriate time-frame. For these cases, Service Releases are made available in order to be more timely. Security Advisory and Security Notices will indicate which Maintenance and Service Releases contain fixes for the issues described. Upon request to JTAC, customers will be provided download instructions for a Service Release. Although Juniper does not provide formal Release Note documentation for a Service Release, a list of "PRs fixed" can be provided on request.
CVSS Score:
6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
Severity Level:
Severity Assessment:
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search