PT-2023-1280 · Juniper Networks · Junos

Published 2023-01-11 · Updated 2023-01-24 · CVE-2023-22399

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Junos versions prior to 19.4R3-S9
Junos versions 20.2 prior to 20.2R3-S6
Junos versions 20.3 prior to 20.3R3-S6
Junos versions 20.4 prior to 20.4R3-S5
Junos versions 21.1 prior to 21.1R3-S4
Junos versions 21.2 prior to 21.2R3-S3
Junos versions 21.3 prior to 21.3R3-S2
Junos versions 21.4 prior to 21.4R2-S2, 21.4R3
Junos versions 22.1 prior to 22.1R2
Junos versions 22.2 prior to 22.2R1-S2, 22.2R2
Description

The issue is caused by a stack-based buffer overflow in the dcpfe component of Juniper Networks Junos OS. A remote, unauthenticated attacker can exploit it by sending specific packets to the device, causing the Packet Forwarding Engine (PFE) to crash and restart, which results in a Denial of Service (DoS). The dcpfe process copies more data into a fixed-size stack buffer than the buffer can hold, corrupting the stack and crashing the process. Continued receipt and processing of these packets sustains the DoS condition.
Recommendations

Update to the first fixed release of the branch in use, or later:

Junos versions prior to 19.4R3-S9: update to 19.4R3-S9 or later.
Junos 20.2 prior to 20.2R3-S6: update to 20.2R3-S6 or later.
Junos 20.3 prior to 20.3R3-S6: update to 20.3R3-S6 or later.
Junos 20.4 prior to 20.4R3-S5: update to 20.4R3-S5 or later.
Junos 21.1 prior to 21.1R3-S4: update to 21.1R3-S4 or later.
Junos 21.2 prior to 21.2R3-S3: update to 21.2R3-S3 or later.
Junos 21.3 prior to 21.3R3-S2: update to 21.3R3-S2 or later.
Junos 21.4 prior to 21.4R2-S2: update to 21.4R2-S2, 21.4R3 or later.
Junos 22.1 prior to 22.1R2: update to 22.1R2 or later.
Junos 22.2 prior to 22.2R1-S2: update to 22.2R1-S2, 22.2R2 or later.

As a temporary workaround, consider disabling the sFlow monitoring feature until the device can be upgraded to a fixed release.
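The two lists above (affected versions and first fixed releases) are easy to misread where a branch names two fixed releases, such as 21.4R2-S2 and 21.4R3, because Junos service releases sit between the base releases (21.4R2 < 21.4R2-S1 < 21.4R2-S2 < 21.4R3). The following checker is an added example, not code from Juniper or from the publisher of this advisory; it encodes the ranges exactly as listed here, orders versions with that rule, and distinguishes "affected", "fixed" and "not listed in this advisory" (for example 20.1, which the text does not mention). It assumes version strings of the common form MAJOR.MINOR R<n>[-S<n>][.<build>] and rejects anything else rather than guessing; the `show version` sample at the bottom is constructed, with made-up hostname and model.

```python
"""Check a Junos version against the affected ranges listed for CVE-2023-22399.

Added example, not Juniper's or the advisory publisher's code. Version strings are
assumed to follow the common Junos pattern MAJOR.MINOR R<n>[-S<n>][.<build>]; anything
else (X/D trains, -EVO suffixes) is rejected rather than guessed at.
"""
import re
from typing import Dict, NamedTuple, Optional, Tuple

# Lowest fixed release per branch, as listed in the advisory. Where two fixed releases
# are named (21.4R2-S2 and 21.4R3; 22.2R1-S2 and 22.2R2) the lower one is the boundary:
# with the ordering below (R2 < R2-S1 < R2-S2 < R3) every later release is "fixed".
BRANCH_FIXES: Dict[str, str] = {
    "19.4": "19.4R3-S9",
    "20.2": "20.2R3-S6",
    "20.3": "20.3R3-S6",
    "20.4": "20.4R3-S5",
    "21.1": "21.1R3-S4",
    "21.2": "21.2R3-S3",
    "21.3": "21.3R3-S2",
    "21.4": "21.4R2-S2",
    "22.1": "22.1R2",
    "22.2": "22.2R1-S2",
}
# "Junos versions prior to 19.4R3-S9" is not limited to the 19.4 branch: every older train is affected.
ALL_PRIOR = "19.4R3-S9"

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.(\d+))?$")


def parse(version: str) -> Tuple[int, int, int, int, int]:
    """Turn '21.4R2-S1.3' into a sortable tuple (21, 4, 2, 1, 3).

    A missing service release (-S) or build number sorts as 0, so 21.4R2 < 21.4R2-S1.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unsupported Junos version string: {version!r}")
    major, minor, r, s, build = m.groups()
    return (int(major), int(minor), int(r), int(s or 0), int(build or 0))


class Verdict(NamedTuple):
    status: str          # "affected", "fixed" or "not listed"
    fix: Optional[str]   # first fixed release the advisory names for this train, if any


def check(version: str) -> Verdict:
    """Classify one Junos version against the advisory's ranges."""
    v = parse(version)
    branch = f"{v[0]}.{v[1]}"
    fix = BRANCH_FIXES.get(branch)
    if fix is not None:
        return Verdict("affected" if v < parse(fix) else "fixed", fix)
    if v < parse(ALL_PRIOR):
        return Verdict("affected", ALL_PRIOR)
    # Branches the advisory does not name (e.g. 20.1, or anything newer than 22.2):
    # neither confirmed affected nor confirmed fixed by this text.
    return Verdict("not listed", None)


_SHOW_VERSION_RE = re.compile(r"^Junos:\s*(\S+)", re.MULTILINE)


def check_show_version(output: str) -> Verdict:
    """Pull the 'Junos: <version>' line out of 'show version' output and classify it."""
    m = _SHOW_VERSION_RE.search(output)
    if not m:
        raise ValueError("no 'Junos:' line found in show version output")
    return check(m.group(1))


# Constructed sample of the first lines of 'show version' (hostname and model are made up).
SAMPLE_SHOW_VERSION = """Hostname: qfx-lab-01
Model: qfx10002-36q
Junos: 21.4R2-S1.3
"""

if __name__ == "__main__":
    for ver in ("18.4R3-S7", "19.4R3-S8", "19.4R3-S9", "20.1R3",
                "21.4R2-S1", "21.4R3", "22.2R1-S1", "22.3R1"):
        print(f"{ver:12} -> {check(ver)}")
    print("show version ->", check_show_version(SAMPLE_SHOW_VERSION))
```

Run it against the `Junos:` line of each device's `show version` output; a "not listed" verdict means the advisory text says nothing about that train, not that it is safe, so treat it as a prompt to check the vendor's own advisory rather than as a clean result.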

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2023-00548
CVE-2023-22399

Affected Products

Junos