QID 43962
Date Published: 2023-01-30
QID 43962: Juniper Network Operating System (Junos OS) Denial of Service (DoS) Vulnerability (JSA70201)
Juniper Junos is the network operating system used in Juniper Networks hardware systems.
An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS) to device due to out of resources.
On all Junos PTX Series and QFX10000 Series, when specific EVPN VXLAN Multicast packets are processed, an FPC memory leak is observed.
This issue affects:
Juniper Networks Junos OS on QFX5000 and EX4600 series.
All versions prior to 20.2R3-S5
20.3 versions prior to 20.3R3-S5
20.4 versions prior to 20.4R3-S4
21.1 versions prior to 21.1R3-S3
21.2 versions prior to 21.2R3-S1
21.3 versions prior to 21.3R3
21.4 versions prior to 21.4R3
22.1 versions prior to 22.1R2 on
QID detection logic: (Authenticated)
It checks for vulnerable Junos OS version.
It may allow an adjacent, unauthenticated attacker to cause a Denial of Service (DoS) to device due to out of resources.
The following software releases have been updated to resolve this specific issue:
For QFX10000 and PTX Series: 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S3, 21.2R3-S1, 21.3R3, 21.4R3, 22.1R2, 22.2R1 and all subsequent releases.
For more information please visit JSA70201.
- JSA70201 -
kb.juniper.net/JSA70201
CVEs related to QID 43962
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| JSA70201 |
kb.juniper.net/JSA70201 |