An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When there is a continuous mac move a memory corruption causes one or more FPCs to crash and reboot. These MAC moves can be between two local interfaces or between core/EVPN and local interface. The below error logs can be seen in PFE syslog when this issue happens: xss_event_handler(1071): EA[0:0]_PPE 46.xss[0] ADDR Error. ppe_error_interrupt(4298): EA[0:0]_PPE 46 Errors sync xtxn error xss_event_handler(1071): EA[0:0]_PPE 1.xss[0] ADDR Error. ppe_error_interrupt(4298): EA[0:0]_PPE 1 Errors sync xtxn error xss_event_handler(1071): EA[0:0]_PPE 2.xss[0] ADDR Error. This issue affects Juniper Networks Junos OS on MX Series: All versions prior to 15.1R7-S13.

19.1 versions prior to 19.1R3-S9.

19.2 versions prior to 19.2R3-S6.

19.3 versions prior to 19.3R3-S6.

19.4 versions prior to 19.4R2-S7, 19.4R3-S8.

20.1 version 20.1R1 and later versions.

20.2 versions prior to 20.2R3-S5.

20.3 versions prior to 20.3R3-S5.

20.4 versions prior to 20.4R3-S2.

21.1 versions prior to 21.1R3.

21.2 versions prior to 21.2R3.

21.3 versions prior to 21.3R2.