Juniper upgrades open source tools to wipe out huge number of bugs

Juniper Networks has run its eye over the open source toolsets it uses, and discovered multiple vulnerabilities rated critical or high severity.

Junos Space versions prior to version 22.2R1 have been patched against a number of third-party software vulnerabilities, including the following critical CVEs:

• CVE-2021-43527 – a heap overflow in the open source Network Security Services prior to version 3.73 or 3.68.1 ESR, when handling DER-encoded DSA or RSA-PSS signatures; and
• Several critical integer overflows in libexpat.

The company’s SBR Carrier RADIUS software has been patched against “multiple vulnerabilities in libexpat and OpenSSL”.

The libexpat bugs are mostly integer overflows, while the OpenSSL vulnerabilities include CVE-2021-3711, a decryption buffer overflow; and CVE-2022-1292, a shell character sanitisation bug.

The fix takes libexpat to version 2.4.8 and OpenSSL to version 1.1.1o.

The third critical patch covers Contrail Networking release 2011.L5.

CVE-2017-5929 is a serialisation vulnerability in Log4J successor Logback; CVE-2016-4658 is a use-after-free in libxml2, offering remote code execution (RCE); CVE-2021-31535 is an RCE bug in X.org; CVE-2021-3177 is a buffer overflow in Python 3.x up to 3.9.1; and Contrail Networks shares the libexpat and NSS bugs fixed in Junos Space.

The company’s Session Smart Router software before versions 5.4.7 and 5.5 have a large number of third-party bugs including CVE-2015-9262, an RCE in libXcursor dating to 2015; CVE-2016-4658, an arbitrary code execution bug in libxml2; and the aforementioned NSS and libexpat vulnerabilities.

The full list of October 12 disclosures can be found here.