VYPR
Unrated severityNVD Advisory· Published Jan 12, 2023· Updated Apr 8, 2025

Junos OS: SRX Series: A memory leak might be observed in IPsec VPN scenario leading to an FPC crash

CVE-2023-22417

Description

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. Eventually the flowd process will crash and restart. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S8, 19.4R3-S10; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    19.3 < 19.3R3-S7, 19.4 < 19.4R2-S8/19.4R3-S10, 20.2 < 20.2R3-S6, 20.3 < 20.3R3-S5, 20.4 < 20.4R3-S5, 21.1 < 21.1R3-S4, 21.2 < 21.2R3, 21.3 < 21.3R3, 21.4 < 21.4R2+ 1 more
    • (no CPE)range: 19.3 < 19.3R3-S7, 19.4 < 19.4R2-S8/19.4R3-S10, 20.2 < 20.2R3-S6, 20.3 < 20.3R3-S5, 20.4 < 20.4R3-S5, 21.1 < 21.1R3-S4, 21.2 < 21.2R3, 21.3 < 21.3R3, 21.4 < 21.4R2
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.