Vulnerabilities > CVE-2023-36833 - Use After Free vulnerability in Juniper Junos OS Evolved

CVSS 6.5 - MEDIUM

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

low complexity

juniper

CWE-416

NVD

Published: 2023-07-14

Updated: 2023-07-27

Summary

A Use After Free vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). The process 'aftman-bt' will crash after multiple flaps on a multicast-only fast reroute (MoFRR) enabled interface. This will cause the respective FPC to stop forwarding traffic and it needs to be rebooted to restore the service. An indication that the system experienced this issue is the following log message: <date> <hostname> evo-aftmand-bt[<pid>]: [Error] jexpr_fdb: sanity check failed, ... , app_name L3 Mcast Routes This issue affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202: 21.2 version 21.2R1-EVO and later versions; 21.3 version 21.3R1-EVO and later versions; 21.4 versions prior to 21.4R3-S3-EVO; 22.1 version 22.1R1-EVO and later versions; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R3-EVO; 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.

Vulnerable Configurations

Part	Description	Count
OS	Juniper Juniper Junos OS Evolved 21.2 Juniper Junos OS Evolved 21.3 Juniper Junos OS Evolved 21.4 Juniper Junos OS Evolved 22.1 Juniper Junos OS Evolved 22.2 Juniper Junos OS Evolved 22.3 Juniper Junos OS Evolved 22.4	57
Hardware	Juniper Juniper Ptx10001 36Mr - Juniper Ptx10004 - Juniper Ptx10008 - Juniper Ptx10016 -	4

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://supportportal.juniper.net/JSA71640