CVE-2017-10611 in Junos

Summary

by MITRE

If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can result in an extended denial of service condition. This issue only affects the following platforms: (1) EX2200, EX3300, XRE200 (2) MX Series routers with MPC7E/8E/9E PFEs installed, and only if 'extended-statistics' are enabled under the [edit chassis] configuration. Affected releases are Juniper Networks Junos OS 14.1 prior to 14.1R8-S5, 14.1R9 on MX Series; 14.1X53 prior to 14.1X53-D46, 14.1X53-D50 on EX2200, EX3300, XRE200; 14.2 prior to 14.2R7-S9, 14.2R8 on MX Series; 15.1 prior to 15.1F5-S8, 15.1F6-S8, 15.1R5-S3, 15.1R6 on MX Series; 16.1 prior to 16.1R4-S5, 16.1R5, 16.1R6 on MX Series; 16.1X65 prior to 16.1X65-D45 on EX2200, EX3300, XRE200; 16.2 prior to 16.2R2-S1, 16.2R3 on MX Series; 17.1 prior to 17.1R2-S2, 17.1R3 on MX Series; 17.2 prior to 17.2R1-S3, 17.2R2 on MX Series; 17.2X75 prior to 17.2X75-D50 on MX Series; 17.3 prior to 17.3R1-S1, 17.3R2 on MX Series. No other Juniper Networks products or platforms are affected by this issue.


Analysis

by VulDB Data Team • 01/03/2023

This vulnerability represents a critical stability issue in Juniper Networks' Junos OS, specifically affecting platforms that support extended statistics functionality through the chassis configuration. The flaw manifests when the pfem process or FPC components handle interface statistics operations, causing crashes and automatic restarts during normal operational activities. The vulnerability is particularly concerning because it can be triggered through legitimate network management operations such as SNMP GET requests, making it exploitable through standard monitoring and management protocols. The issue demonstrates a fundamental flaw in how the system handles statistical data processing under specific configuration conditions, creating a potential attack vector that could be leveraged for sustained disruption of network services.

The technical root cause of this vulnerability lies in the improper handling of memory structures or data processing within the pfem process when extended statistics are enabled. This condition falls under the category of software defects that can lead to buffer overflows or memory corruption scenarios, though the exact mechanism remains implementation-specific. The vulnerability operates at the system level where the chassis component's extended-statistics feature interacts with the forwarding plane engine, creating a cascade effect that results in process termination and system restarts. This type of issue is classified as a denial of service condition that can be amplified through repeated triggering of the affected operations, potentially leading to extended periods of service unavailability.

The operational impact of this vulnerability extends beyond simple service disruption to create significant reliability concerns for network infrastructure. Organizations relying on the affected platforms may experience unexpected downtime during routine monitoring activities, particularly when SNMP-based network management systems are actively polling interface statistics. The vulnerability affects specific hardware platforms including EX2200, EX3300, XRE200 series switches and MX Series routers equipped with MPC7E/8E/9E PFEs, which represents a substantial portion of Juniper's enterprise networking portfolio. The affected releases span multiple Junos OS versions across different release branches, indicating this was a widespread issue that required coordinated patching across multiple product lines and release cycles.

Mitigation strategies for this vulnerability require immediate configuration changes to disable extended statistics when not actively needed, as this is the most direct way to prevent exploitation of the flaw. Network administrators should implement the appropriate Junos OS patches as released by Juniper Networks to address the underlying code issues within the pfem process and FPC handling components. The remediation process should include thorough testing of network management systems to ensure that disabling extended statistics does not impact required monitoring capabilities, while also validating that the patched systems maintain proper functionality. Security teams should also implement monitoring for unusual restart patterns or service disruptions that could indicate exploitation attempts, as this vulnerability can be triggered through legitimate management operations and may not be immediately apparent through standard network monitoring tools. This vulnerability aligns with ATT&CK techniques related to privilege escalation and denial of service through system instability, and represents a CWE-121 or similar memory corruption issue that demonstrates the importance of proper input validation and resource management in network operating systems.
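The exposure conditions given in the summary (platform, release, and the 'extended-statistics' setting under [edit chassis]) can be checked mechanically across a device inventory. The following Python is an added example, not code from Juniper, MITRE or VulDB; the function names, the "MX"/"EX" group labels, the has_mpc7e_8e_9e flag and the sample configuration are assumptions made here, and releases that fall between two listed fixes are conservatively reported as vulnerable.

```python
import re

# Fixed releases per platform group, copied from the advisory text above.
FIXED = {
    "MX": "14.1R8-S5 14.1R9 14.2R7-S9 14.2R8 15.1F5-S8 15.1F6-S8 15.1R5-S3 "
          "15.1R6 16.1R4-S5 16.1R5 16.1R6 16.2R2-S1 16.2R3 17.1R2-S2 17.1R3 "
          "17.2R1-S3 17.2R2 17.2X75-D50 17.3R1-S1 17.3R2".split(),
    "EX": "14.1X53-D46 14.1X53-D50 16.1X65-D45".split(),  # EX2200/EX3300/XRE200
}
VERSION_RE = re.compile(r"^(\d+\.\d+(?:X\d+)?)-?([RFD])(\d+)(?:-S(\d+))?")
# Constructed sample in `show configuration | display set` form.
SAMPLE_CONFIG = "set system host-name lab-mx\nset chassis extended-statistics\n"


def parse(version):
    """Split '15.1F5-S8' into (train, kind, release, service) = ('15.1', 'F', 5, 8)."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    train, kind, rel, svc = m.groups()
    return train, kind, int(rel), int(svc or 0)


def release_is_vulnerable(group, version):
    """True when the version sits in a listed train and no listed fix covers it."""
    train, kind, rel, svc = parse(version)
    in_train = [f for f in map(parse, FIXED[group]) if f[0] == train]
    if not in_train:
        return False  # train is not named in the advisory
    same_kind = [f for f in in_train if f[1] == kind]
    for _, _, f_rel, f_svc in same_kind:
        if rel == f_rel and svc >= f_svc:
            return False  # same release, at or past the fixed service level
    # Assumption: releases numbered above the highest listed fix include it.
    if same_kind and rel > max(f[2] for f in same_kind):
        return False
    # Conservative: anything else in a listed train is reported as vulnerable.
    return True


def device_is_exposed(group, version, set_config, has_mpc7e_8e_9e=False):
    """All three advisory conditions: platform, release, and the chassis knob."""
    if group == "MX" and not has_mpc7e_8e_9e:
        return False
    knob = any(line.split() == ["set", "chassis", "extended-statistics"]
               for line in set_config.splitlines())
    return knob and release_is_vulnerable(group, version)
```

A device that matches the platform and release conditions but does not carry the 'set chassis extended-statistics' line is reported as not exposed, which matches the advisory's statement that the issue only applies when the feature is enabled.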
