VYPR
Unrated severityNVD Advisory· Published Oct 12, 2023· Updated Sep 18, 2024

Junos OS: MX Series: Receipt of malformed TCP traffic will cause a Denial of Service

CVE-2023-36841

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS).

An attacker who sends malformed TCP traffic via an interface configured with PPPoE, causes an infinite loop on the respective PFE. This results in consuming all resources and a manual restart is needed to recover.

This issue affects interfaces with PPPoE configured and tcp-mss enabled.

This issue affects Juniper Networks Junos OS

  • All versions prior to 20.4R3-S7;
  • 21.1 version 21.1R1 and later versions;
  • 21.2 versions prior to 21.2R3-S6;
  • 21.3 versions prior to 21.3R3-S5;
  • 21.4 versions prior to 21.4R3-S3;
  • 22.1 versions prior to 22.1R3-S4;
  • 22.2 versions prior to 22.2R3;
  • 22.3 versions prior to 22.3R2-S2;
  • 22.4 versions prior to 22.4R2;

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    <20.4R3-S7; >=21.1R1; <21.2R3-S6; <21.3R3-S5; <21.4R3-S3; <22.1R3-S4; <22.2R3; <22.3R2-S2; <22.4R2+ 1 more
    • (no CPE)range: <20.4R3-S7; >=21.1R1; <21.2R3-S6; <21.3R3-S5; <21.4R3-S3; <22.1R3-S4; <22.2R3; <22.3R2-S2; <22.4R2
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.