CVE-2023-36833
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).
The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service.
An indication that the system experienced this issue is the following log message:
<date> <hostname> evo-aftmand-bt[<pid>]: [Error] jexpr_fdb: sanity check failed, … , app_name L3 Mcast Routes
This issue affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202: 21.2 version 21.2R1-EVO and later versions; 21.3 version 21.3R1-EVO and later versions; 21.4 versions prior to 21.4R3-S3-EVO; 22.1 version 22.1R1-EVO and later versions; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R3-EVO; 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS Evolved | 21.2 < 21.2* | affected |
| Juniper Networks | Junos OS Evolved | 21.3 < 21.3* | affected |
| Juniper Networks | Junos OS Evolved | 21.4 < 21.4R3-S3-EVO | affected |
| Juniper Networks | Junos OS Evolved | 22.1 < 22.1* | affected |
| Juniper Networks | Junos OS Evolved | 22.2 < 22.2R3-S2-EVO | affected |
| Juniper Networks | Junos OS Evolved | 22.3 < 22.3R3-EVO | affected |
| Juniper Networks | Junos OS Evolved | 22.4 < 22.4R1-S2-EVO, 22.4R2-EVO | affected |
Weaknesses
- CWE-416: CWE-416 Use After Free
- Denial of Service (DoS)
Workarounds
There are no known workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.