CVE-2023-36833

EPSS 0.1%
Published 14.07.2023 17:15:09
Last modified 21.11.2024 08:10:42
Source sirt@juniper.net
Teams watchlist Login
Open Login

A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).

The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service.

An indication that the system experienced this issue is the following log message:

  <date> <hostname> evo-aftmand-bt[<pid>]: [Error] jexpr_fdb: sanity check failed, ... , app_name L3 Mcast Routes




This issue affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202:
21.2 version 21.2R1-EVO and later versions;
21.3 version 21.3R1-EVO and later versions;
21.4 versions prior to 21.4R3-S3-EVO;
22.1 version 22.1R1-EVO and later versions;
22.2 versions prior to 22.2R3-S2-EVO;
22.3 versions prior to 22.3R3-EVO;
22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Junos Os Evolved Version21.2 Update-

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater1-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater1-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater2-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater2-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater3-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater3-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater3-s3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater3-s4

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.2 Updater3-s5

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Update-

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater1-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater2-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater2-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater3-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater3-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater3-s3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.3 Updater3-s4

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Update-

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater1-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater1-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater2-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater2-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater3-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version21.4 Updater3-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater1-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater1-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater2-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater3-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater3-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.1 Updater3-s3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.2 Updater1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.2 Updater1-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.2 Updater2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.2 Updater2-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.2 Updater2-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.2 Updater3

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.2 Updater3-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.3 Updater1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.3 Updater1-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.3 Updater1-s2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.3 Updater2

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.3 Updater2-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.4 Updater1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Juniper ≫ Junos Os Evolved Version22.4 Updater1-s1

   Juniper ≫ Ptx10001-36mr Version-
   Juniper ≫ Ptx10004 Version-
   Juniper ≫ Ptx10008 Version-
   Juniper ≫ Ptx10016 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.1%	0.29

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
sirt@juniper.net	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://supportportal.juniper.net/JSA71640

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-36833

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-36833

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-36833

EUVD