Vulnerability-Lookup

BDU:2023-06851

Vulnerability from fstec - Published: 12.10.2023

Title

Уязвимость модуля Packet Forwarding Engine (PFE) операционных систем Juniper Networks Junos, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость модуля Packet Forwarding Engine (PFE) операционных систем Juniper Networks Junos связана с неосвобождением памяти перед удалением. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Juniper Networks Inc.

Software Name

JunOS

Software Version

от 22.1 до 22.1R2 (JunOS), до 20.4R3-S5 (JunOS), от 21.1 до 21.1R3-S4 (JunOS), от 21.2 до 21.2R3-S2 (JunOS), от 21.3 до 21.3R3 (JunOS), от 21.4 до 21.4R2-S2 (JunOS), от 21.4 до 21.4R3 (JunOS), от 22.1 до 22.1R1-S2 (JunOS), от 21.1 до 21.4R3 (JunOS), до 20.4R3-S8 (JunOS), от 21.2 до 21.2R3-S6 (JunOS), от 21.3 до 21.3R3-S5 (JunOS), от 21.4 до 21.4R3-S4 (JunOS), от 22.1 до 22.1R3-S3 (JunOS), от 22.2 до 22.2R3-S1 (JunOS), от 22.3 до 22.3R2-S2 (JunOS), от 22.3 до 22.3R3 (JunOS), от 22.4 до 22.4R2 (JunOS), 21.1 (JunOS)

Possible Mitigations

Использование рекомендаций: https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Received-flow-routes-which-aren-t-installed-as-the-hardware-doesn-t-support-them-lead-to-an-FPC-heap-memory-leak-CVE-2023-22392?language=en_US

Reference

https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Received-flow-routes-which-aren-t-installed-as-the-hardware-doesn-t-support-them-lead-to-an-FPC-heap-memory-leak-CVE-2023-22392?language=en_US https://vuldb.com/ru/?id.242060

CWE

CWE-401

JSON

To clipboard

{
  "CVSS 2.0": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Juniper Networks Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 22.1 \u0434\u043e 22.1R2 (JunOS), \u0434\u043e 20.4R3-S5 (JunOS), \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 (JunOS), \u043e\u0442 21.2 \u0434\u043e 21.2R3-S2 (JunOS), \u043e\u0442 21.3 \u0434\u043e 21.3R3 (JunOS), \u043e\u0442 21.4 \u0434\u043e 21.4R2-S2 (JunOS), \u043e\u0442 21.4 \u0434\u043e 21.4R3 (JunOS), \u043e\u0442 22.1 \u0434\u043e 22.1R1-S2 (JunOS), \u043e\u0442 21.1 \u0434\u043e 21.4R3 (JunOS), \u0434\u043e 20.4R3-S8 (JunOS), \u043e\u0442 21.2 \u0434\u043e 21.2R3-S6 (JunOS), \u043e\u0442 21.3 \u0434\u043e 21.3R3-S5 (JunOS), \u043e\u0442 21.4 \u0434\u043e 21.4R3-S4 (JunOS), \u043e\u0442 22.1 \u0434\u043e 22.1R3-S3 (JunOS), \u043e\u0442 22.2 \u0434\u043e 22.2R3-S1 (JunOS), \u043e\u0442 22.3 \u0434\u043e 22.3R2-S2 (JunOS), \u043e\u0442 22.3 \u0434\u043e 22.3R3 (JunOS), \u043e\u0442 22.4 \u0434\u043e 22.4R2 (JunOS), 21.1 (JunOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Received-flow-routes-which-aren-t-installed-as-the-hardware-doesn-t-support-them-lead-to-an-FPC-heap-memory-leak-CVE-2023-22392?language=en_US",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.10.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "17.10.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.10.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-06851",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-22392",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "JunOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R2 PTX10008, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R2 PTX10016, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S5 PTX1000, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 PTX1000, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S2 PTX1000, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3 PTX1000, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R2-S2 PTX1000, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3 PTX1000, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R1-S2 PTX1000, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R2 PTX1000, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S5 PTX10002, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 PTX10002, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S2 PTX10002, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3 PTX10002, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R2-S2 PTX10002, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.4R3 PTX10002, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R1-S2 PTX10002, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R2 PTX10002, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S5 PTX10004, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 PTX10004, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S2 PTX10004, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3 PTX10004, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R2-S2 PTX10004, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3 PTX10004, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R1-S2 PTX10004, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R2 PTX10004, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S5 PTX10008, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 PTX10008, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S2 PTX10008, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3 PTX10008, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R2-S2 PTX10008, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3 PTX10008, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R1-S2 PTX10008, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S5 PTX10016, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 PTX10016, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S2 PTX10016, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3 PTX10016, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R2-S2 PTX10016, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3 PTX10016, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R1-S2 PTX10016, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S5 FPC LC110x, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 FPC LC110x, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S2 FPC LC110x, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3 FPC LC110x, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R2-S2 FPC LC110x, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3 FPC LC110x, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R1-S2 FPC LC110x, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R2 FPC LC110x, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S8 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S6 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3-S5 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3-S4 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R3-S3 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 22.2 \u0434\u043e 22.2R3-S1 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 22.3 \u0434\u043e 22.3R2-S2 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 22.3 \u0434\u043e 22.3R3 PTX3000, Juniper Networks Inc. JunOS \u043e\u0442 22.4 \u0434\u043e 22.4R2 PTX3000, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S8 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S6 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3-S5 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3-S4 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R3-S3 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 22.2 \u0434\u043e 22.2R3-S1 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 22.3 \u0434\u043e 22.3R2-S2 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 22.3 \u0434\u043e 22.3R3 PTX5000, Juniper Networks Inc. JunOS \u043e\u0442 22.4 \u0434\u043e 22.4R2 PTX5000, Juniper Networks Inc. JunOS \u0434\u043e 20.4R3-S8 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S6 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3-S5 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3-S4 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R3-S3 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 22.2 \u0434\u043e 22.2R3-S1 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 22.3 \u0434\u043e 22.3R2-S2 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 22.3 \u0434\u043e 22.3R3 QFX10000, Juniper Networks Inc. JunOS \u043e\u0442 22.4 \u0434\u043e 22.4R2 QFX10000, Juniper Networks Inc. JunOS 21.1 PTX5000, Juniper Networks Inc. JunOS 21.1 PTX3000, Juniper Networks Inc. JunOS 21.1 QFX10000",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f Packet Forwarding Engine (PFE) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Juniper Networks Junos, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044f Packet Forwarding Engine (PFE) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Juniper Networks Junos \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Received-flow-routes-which-aren-t-installed-as-the-hardware-doesn-t-support-them-lead-to-an-FPC-heap-memory-leak-CVE-2023-22392?language=en_US\nhttps://vuldb.com/ru/?id.242060",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-401",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,1)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}

CVE-2023-22392 (GCVE-0-2023-22392)

Vulnerability from cvelistv5 – Published: 2023-10-12 22:55 – Updated: 2024-08-02 10:07

Title

Junos OS: PTX Series and QFX10000 Series: Received flow-routes which aren't installed as the hardware doesn't support them, lead to an FPC heap memory leak

Summary

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). PTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs do not support certain flow-routes. Once a flow-route is received over an established BGP session and an attempt is made to install the resulting filter into the PFE, FPC heap memory is leaked. The FPC heap memory can be monitored using the CLI command "show chassis fpc". The following syslog messages can be observed if the respective filter derived from a flow-route cannot be installed. expr_dfw_sfm_range_add:661 SFM packet-length Unable to get a sfm entry for updating the hw expr_dfw_hw_sfm_add:750 Unable to add the filter secondarymatch to the hardware expr_dfw_base_hw_add:52 Failed to add h/w sfm data. expr_dfw_base_hw_create:114 Failed to add h/w data. expr_dfw_base_pfe_inst_create:241 Failed to create base inst for sfilter 0 on PFE 0 for __flowspec_default_inet__ expr_dfw_flt_inst_change:1368 Failed to create __flowspec_default_inet__ on PFE 0 expr_dfw_hw_pgm_fnum:465 dfw_pfe_inst_old not found for pfe_index 0! expr_dfw_bp_pgm_flt_num:548 Failed to pgm bind-point in hw: generic failure expr_dfw_bp_topo_handler:1102 Failed to program fnum. expr_dfw_entry_process_change:679 Failed to change instance for filter __flowspec_default_inet__. This issue affects Juniper Networks Junos OS: on PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S2; * 21.3 versions prior to 21.3R3; * 21.4 versions prior to 21.4R2-S2, 21.4R3; * 22.1 versions prior to 22.1R1-S2, 22.1R2. on PTX3000, PTX5000, QFX10000: * All versions prior to 20.4R3-S8; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3 * 22.2 versions prior to 22.2R3-S1 * 22.3 versions prior to 22.3R2-S2, 22.3R3 * 22.4 versions prior to 22.4R2.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-401 - A Missing Release of Memory after Effective Lifetime
Denial of Service (DoS)

Assigner

juniper

References

URL

Tags

https://supportportal.juniper.net/JSA73530

vendor-advisory

Impacted products

Vendor

Product

Version

Juniper Networks

Junos OS

Affected: 0 , < 20.4R3-S5 (semver)
Affected: 21.1 , < 21.1R3-S4 (semver)
Affected: 21.2 , < 21.2R3-S2 (semver)
Affected: 21.3 , < 21.3R3 (semver)
Affected: 21.4 , < 21.4R2-S2, 21.4R3 (semver)
Affected: 22.1 , < 22.1R1-S2, 22.1R2 (semver)

Juniper Networks

Junos OS

Affected: 0 , < 20.4R3-S8 (semver)
Affected: 21.1R1 , < 21.1* (semver)
Affected: 21.2 , < 21.2R3-S6 (semver)
Affected: 21.3 , < 21.3R3-S5 (semver)
Affected: 21.4 , < 21.4R3-S4 (semver)
Affected: 22.1 , < 22.1R3-S3 (semver)
Affected: 22.2 , < 22.2R3-S1 (semver)
Affected: 22.3 , < 22.3R2-S2, 22.3R3 (semver)
Affected: 22.4 , < 22.4R2 (semver)

Date Public ?

2023-10-11 16:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:06.639Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportportal.juniper.net/JSA73530"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "PTX1000",
            "PTX10002",
            "PTX10004",
            "PTX10008",
            "PTX10016 with LC110x FPCs"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R3-S5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "21.1R3-S4",
              "status": "affected",
              "version": "21.1",
              "versionType": "semver"
            },
            {
              "lessThan": "21.2R3-S2",
              "status": "affected",
              "version": "21.2",
              "versionType": "semver"
            },
            {
              "lessThan": "21.3R3",
              "status": "affected",
              "version": "21.3",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R2-S2, 21.4R3",
              "status": "affected",
              "version": "21.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R1-S2, 22.1R2",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "PTX3000",
            "PTX5000",
            "QFX10000"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R3-S8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "21.1*",
              "status": "affected",
              "version": "21.1R1",
              "versionType": "semver"
            },
            {
              "lessThan": "21.2R3-S6",
              "status": "affected",
              "version": "21.2",
              "versionType": "semver"
            },
            {
              "lessThan": "21.3R3-S5",
              "status": "affected",
              "version": "21.3",
              "versionType": "semver"
            },
            {
              "lessThan": "21.4R3-S4",
              "status": "affected",
              "version": "21.4",
              "versionType": "semver"
            },
            {
              "lessThan": "22.1R3-S3",
              "status": "affected",
              "version": "22.1",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S1",
              "status": "affected",
              "version": "22.2",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R2-S2, 22.3R3",
              "status": "affected",
              "version": "22.3",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R2",
              "status": "affected",
              "version": "22.4",
              "versionType": "semver"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following configuration is affected by this issue:\u003c/p\u003e \u003ctt\u003e[protocols bgp group family flow]\u003c/tt\u003e"
            }
          ],
          "value": "The following configuration is affected by this issue:\n\n [protocols bgp group family flow]"
        }
      ],
      "datePublic": "2023-10-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eA Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).\u003c/p\u003e\u003cp\u003ePTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs do not support certain flow-routes. Once a flow-route is received over an established BGP session and an attempt is made to install the resulting filter into the PFE, FPC heap memory is leaked. The FPC heap memory can be monitored using the CLI command \"show chassis fpc\".\u003c/p\u003e\u003cp\u003eThe following syslog messages can be observed if the respective filter derived from a flow-route cannot be installed.\u003c/p\u003e\u003ccode\u003eexpr_dfw_sfm_range_add:661 SFM packet-length Unable to get a sfm entry for updating the hw\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_hw_sfm_add:750 Unable to add the filter secondarymatch to the hardware\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_base_hw_add:52 Failed to add h/w sfm data.\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_base_hw_create:114 Failed to add h/w data.\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_base_pfe_inst_create:241 Failed to create base inst for sfilter 0 on PFE 0 for __flowspec_default_inet__\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_flt_inst_change:1368 Failed to create __flowspec_default_inet__ on PFE 0\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_hw_pgm_fnum:465 dfw_pfe_inst_old not found for pfe_index 0!\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_bp_pgm_flt_num:548 Failed to pgm bind-point in hw: generic failure\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_bp_topo_handler:1102 Failed to program fnum.\u003c/code\u003e\u003cbr\u003e\u003ccode\u003eexpr_dfw_entry_process_change:679 Failed to change instance for filter __flowspec_default_inet__.\u003c/code\u003e\u003cbr\u003e\u003cp\u003eThis issue affects Juniper Networks Junos OS:\u003c/p\u003e\u003cp\u003eon PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S5;\u003c/li\u003e\u003cli\u003e21.1 versions prior to 21.1R3-S4;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S2;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R2-S2, 21.4R3;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R1-S2, 22.1R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eon PTX3000, PTX5000, QFX10000:\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eAll versions prior to 20.4R3-S8;\u003c/li\u003e\u003cli\u003e21.1 version 21.1R1 and later versions;\u003c/li\u003e\u003cli\u003e21.2 versions prior to 21.2R3-S6;\u003c/li\u003e\u003cli\u003e21.3 versions prior to 21.3R3-S5;\u003c/li\u003e\u003cli\u003e21.4 versions prior to 21.4R3-S4;\u003c/li\u003e\u003cli\u003e22.1 versions prior to 22.1R3-S3\u003c/li\u003e\u003cli\u003e22.2 versions prior to 22.2R3-S1\u003c/li\u003e\u003cli\u003e22.3 versions prior to 22.3R2-S2, 22.3R3\u003c/li\u003e\u003cli\u003e22.4 versions prior to 22.4R2.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\n\n"
            }
          ],
          "value": "\nA Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).\n\nPTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs do not support certain flow-routes. Once a flow-route is received over an established BGP session and an attempt is made to install the resulting filter into the PFE, FPC heap memory is leaked. The FPC heap memory can be monitored using the CLI command \"show chassis fpc\".\n\nThe following syslog messages can be observed if the respective filter derived from a flow-route cannot be installed.\n\nexpr_dfw_sfm_range_add:661 SFM packet-length Unable to get a sfm entry for updating the hw\nexpr_dfw_hw_sfm_add:750 Unable to add the filter secondarymatch to the hardware\nexpr_dfw_base_hw_add:52 Failed to add h/w sfm data.\nexpr_dfw_base_hw_create:114 Failed to add h/w data.\nexpr_dfw_base_pfe_inst_create:241 Failed to create base inst for sfilter 0 on PFE 0 for __flowspec_default_inet__\nexpr_dfw_flt_inst_change:1368 Failed to create __flowspec_default_inet__ on PFE 0\nexpr_dfw_hw_pgm_fnum:465 dfw_pfe_inst_old not found for pfe_index 0!\nexpr_dfw_bp_pgm_flt_num:548 Failed to pgm bind-point in hw: generic failure\nexpr_dfw_bp_topo_handler:1102 Failed to program fnum.\nexpr_dfw_entry_process_change:679 Failed to change instance for filter __flowspec_default_inet__.\nThis issue affects Juniper Networks Junos OS:\n\non PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs:\n\n\n\n  *  All versions prior to 20.4R3-S5;\n  *  21.1 versions prior to 21.1R3-S4;\n  *  21.2 versions prior to 21.2R3-S2;\n  *  21.3 versions prior to 21.3R3;\n  *  21.4 versions prior to 21.4R2-S2, 21.4R3;\n  *  22.1 versions prior to 22.1R1-S2, 22.1R2.\n\n\n\n\non PTX3000, PTX5000, QFX10000:\n\n\n\n  *  All versions prior to 20.4R3-S8;\n  *  21.1 version 21.1R1 and later versions;\n  *  21.2 versions prior to 21.2R3-S6;\n  *  21.3 versions prior to 21.3R3-S5;\n  *  21.4 versions prior to 21.4R3-S4;\n  *  22.1 versions prior to 22.1R3-S3\n  *  22.2 versions prior to 22.2R3-S1\n  *  22.3 versions prior to 22.3R2-S2, 22.3R3\n  *  22.4 versions prior to 22.4R2.\n\n\n\n\n\n\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401 A Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-23T19:10:26.391Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA73530"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue: \u003c/p\u003e\u003cp\u003eFor PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs: Junos OS 20.4R3-S5, 21.1R3-S4, 21.2R3-S2, 21.3R3, 21.4R2-S2, 21.4R3, 22.1R1-S2, 22.1R2, 22.2R1, and all subsequent releases.\u003c/p\u003e\u003cp\u003eFor PTX3000, PTX5000, QFX10000: Junos OS 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2, 23.2R1, and all subsequent releases.\u003c/p\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: \n\nFor PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs: Junos OS 20.4R3-S5, 21.1R3-S4, 21.2R3-S2, 21.3R3, 21.4R2-S2, 21.4R3, 22.1R1-S2, 22.1R2, 22.2R1, and all subsequent releases.\n\nFor PTX3000, PTX5000, QFX10000: Junos OS 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2, 23.2R1, and all subsequent releases.\n\n"
        }
      ],
      "source": {
        "advisory": "JSA73530",
        "defect": [
          "1650443",
          "1716398"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-11T16:00:00.000Z",
          "value": "Initial Publication"
        },
        {
          "lang": "en",
          "time": "2023-11-23T17:00:00.000Z",
          "value": "Corrected vendor-advisory reference URL"
        }
      ],
      "title": "Junos OS: PTX Series and QFX10000 Series: Received flow-routes which aren\u0027t installed as the hardware doesn\u0027t support them, lead to an FPC heap memory leak",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere are no known workarounds for this issue.\u003c/p\u003e"
            }
          ],
          "value": "There are no known workarounds for this issue.\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-av217"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2023-22392",
    "datePublished": "2023-10-12T22:55:42.016Z",
    "dateReserved": "2022-12-27T16:52:14.098Z",
    "dateUpdated": "2024-08-02T10:07:06.639Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2023-06851

CVE-2023-22392 (GCVE-0-2023-22392)

Tags

Sightings

Nomenclature