Lucene search

[email protected]CVE-2023-44192

HistoryOct 13, 2023 - 12:15 a.m.

CVE-2023-44192

2023-10-1300:15:12

CWE-401

CWE-20

[email protected]

web.nvd.nist.gov

cve-2023-44192

improper input validation

packet forwarding engine

juniper networks

junos os

qfx5000 series

denial of service

dos

memory leak

dhcp

evpn

vxlan

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

17.0%

JSON

An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS).

On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak.

To confirm the memory leak, monitor for “sheaf:possible leak” and “vtep not found” messages in the logs.

This issue affects:

Juniper Networks Junos OS QFX5000 Series:

All versions prior to 20.4R3-S6;
21.1 versions prior to 21.1R3-S5;
21.2 versions prior to 21.2R3-S5;
21.3 versions prior to 21.3R3-S4;
21.4 versions prior to 21.4R3-S3;
22.1 versions prior to 22.1R3-S2;
22.2 versions prior to 22.2R2-S2, 22.2R3;
22.3 versions prior to 22.3R2-S1, 22.3R3;
22.4 versions prior to 22.4R1-S2, 22.4R2.

Affected configurations

NVD

Node

juniperjunosRange<20.4

juniperjunosMatch20.4-

juniperjunosMatch20.4r1

juniperjunosMatch20.4r1-s1

juniperjunosMatch20.4r2

juniperjunosMatch20.4r2-s1

juniperjunosMatch20.4r2-s2

juniperjunosMatch20.4r3

juniperjunosMatch20.4r3-s1

juniperjunosMatch20.4r3-s2

juniperjunosMatch20.4r3-s3

juniperjunosMatch20.4r3-s4

juniperjunosMatch20.4r3-s5

juniperjunosMatch21.1-

juniperjunosMatch21.1r1

juniperjunosMatch21.1r1-s1

juniperjunosMatch21.1r2

juniperjunosMatch21.1r2-s1

juniperjunosMatch21.1r2-s2

juniperjunosMatch21.1r3

juniperjunosMatch21.1r3-s1

juniperjunosMatch21.1r3-s2

juniperjunosMatch21.1r3-s3

juniperjunosMatch21.1r3-s4

juniperjunosMatch21.2-

juniperjunosMatch21.2r1

juniperjunosMatch21.2r1-s1

juniperjunosMatch21.2r1-s2

juniperjunosMatch21.2r2

juniperjunosMatch21.2r2-s1

juniperjunosMatch21.2r2-s2

juniperjunosMatch21.2r3

juniperjunosMatch21.2r3-s1

juniperjunosMatch21.2r3-s2

juniperjunosMatch21.2r3-s3

juniperjunosMatch21.2r3-s4

juniperjunosMatch21.3-

juniperjunosMatch21.3r1

juniperjunosMatch21.3r1-s1

juniperjunosMatch21.3r1-s2

juniperjunosMatch21.3r2

juniperjunosMatch21.3r2-s1

juniperjunosMatch21.3r2-s2

juniperjunosMatch21.3r3

juniperjunosMatch21.3r3-s1

juniperjunosMatch21.3r3-s2

juniperjunosMatch21.3r3-s3

juniperjunosMatch21.4-

juniperjunosMatch21.4r1

juniperjunosMatch21.4r1-s1

juniperjunosMatch21.4r1-s2

juniperjunosMatch21.4r2

juniperjunosMatch21.4r2-s1

juniperjunosMatch21.4r2-s2

juniperjunosMatch21.4r3

juniperjunosMatch21.4r3-s1

juniperjunosMatch21.4r3-s2

juniperjunosMatch22.1r1

juniperjunosMatch22.1r1-s1

juniperjunosMatch22.1r1-s2

juniperjunosMatch22.1r2

juniperjunosMatch22.1r2-s1

juniperjunosMatch22.1r2-s2

juniperjunosMatch22.1r3

juniperjunosMatch22.1r3-s1

juniperjunosMatch22.2-

juniperjunosMatch22.2r1

juniperjunosMatch22.2r1-s1

juniperjunosMatch22.2r1-s2

juniperjunosMatch22.2r2

juniperjunosMatch22.2r2-s1

juniperjunosMatch22.3r1

juniperjunosMatch22.3r1-s1

juniperjunosMatch22.3r1-s2

juniperjunosMatch22.3r2

juniperjunosMatch22.3r2-s1

juniperjunosMatch22.4r1

juniperjunosMatch22.4r1-s1

AND

juniperqfk5110Match-

juniperqfk5120Match-

juniperqfk5130Match-

juniperqfk5200Match-

juniperqfk5210Match-

juniperqfk5220Match-

juniperqfk5230Match-

juniperqfk5700Match-

CPENameOperatorVersion
juniper:junosjuniper junoslt20.4
juniper:junosjuniper junoseq21.1
juniper:junosjuniper junoseq21.2
juniper:junosjuniper junoseq21.3
juniper:junosjuniper junoseq21.4
juniper:junosjuniper junoseq22.1
juniper:junosjuniper junoseq22.2
juniper:junosjuniper junoseq22.3
juniper:junosjuniper junoseq22.4

CPE	Name	Operator	Version
juniper:junos	juniper junos	lt	20.4
juniper:junos	juniper junos	eq	21.1
juniper:junos	juniper junos	eq	21.2
juniper:junos	juniper junos	eq	21.3
juniper:junos	juniper junos	eq	21.4
juniper:junos	juniper junos	eq	22.1
juniper:junos	juniper junos	eq	22.2
juniper:junos	juniper junos	eq	22.3
juniper:junos	juniper junos	eq	22.4

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "QFX5000 Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S6",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1R3-S5",
        "status": "affected",
        "version": "21.1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S5",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S4",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S3",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S2",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R2-S2, 22.2R3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R2-S1, 22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R1-S2, 22.4R2",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]