CVE-2023-36832

Summary

An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to send specific packets to an Aggregated Multiservices (AMS) interface on the device, causing the packet forwarding engine (PFE) to crash, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.

This issue is only triggered by packets destined to a local-interface via a service-interface (AMS). AMS is only supported on the MS-MPC, MS-MIC, and MX-SPC3 cards. This issue is not experienced on other types of interfaces or configurations. Additionally, transit traffic does not trigger this issue.

This issue affects Juniper Networks Junos OS on MX Series: All versions prior to 19.1R3-S10; 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S12; 20.2 versions prior to 20.2R3-S8; 20.4 versions prior to 20.4R3-S7; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S5; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S2; 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2-S1, 22.3R3; 22.4 versions prior to 22.4R1-S2, 22.4R2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OSunspecified < 19.1R3-S10affected
Juniper NetworksJunos OS19.2 < 19.2R3-S7affected
Juniper NetworksJunos OS19.3 < 19.3R3-S8affected
Juniper NetworksJunos OS19.4 < 19.4R3-S12affected
Juniper NetworksJunos OS20.2 < 20.2R3-S8affected
Juniper NetworksJunos OS20.4 < 20.4R3-S7affected
Juniper NetworksJunos OS21.1 < 21.1R3-S5affected
Juniper NetworksJunos OS21.2 < 21.2R3-S5affected
Juniper NetworksJunos OS21.3 < 21.3R3-S4affected
Juniper NetworksJunos OS21.4 < 21.4R3-S3affected
Juniper NetworksJunos OS22.1 < 22.1R3-S2affected
Juniper NetworksJunos OS22.2 < 22.2R3affected
Juniper NetworksJunos OS22.3 < 22.3R2-S1, 22.3R3affected
Juniper NetworksJunos OS22.4 < 22.4R1-S2, 22.4R2affected

Weaknesses

  • CWE-755: CWE-755 Improper Handling of Exceptional Conditions
  • Denial of Service (DoS)

Workarounds

Modify the configuration to not have local/host bound ICMP traffic processed by Service Card (MS-MPC/SPC3) or add protect-RE filter to discard ICMP packets.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References