CVE-2023-28979

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 19.3R3-S7 Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S9 Juniper Networks Junos OS 20.2 versions prior to 20.2R3-S7 Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S5 Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S4 Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S3 Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S2 Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S1 Juniper Networks Junos OS 21.4 versions prior to 21.4R2-S1, 21.4R3 Juniper Networks Junos OS 22.1 versions prior to 22.1R2 Juniper Networks Junos OS 22.2 versions prior to 22.2R2

Description An Improper Check for Unusual or Exceptional Conditions issue in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check. In a 6PE scenario, if an additional integrity check is configured, it will fail to drop specific malformed IPv6 packets, and then these packets will be forwarded to other connected networks.

Recommendations For Juniper Networks Junos OS versions prior to 19.3R3-S7, update to version 19.3R3-S7 or later. For Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S9, update to version 19.4R3-S9 or later. For Juniper Networks Junos OS 20.2 versions prior to 20.2R3-S7, update to version 20.2R3-S7 or later. For Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S5, update to version 20.3R3-S5 or later. For Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S4, update to version 20.4R3-S4 or later. For Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S3, update to version 21.1R3-S3 or later. For Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S2, update to version 21.2R3-S2 or later. For Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S1, update to version 21.3R3-S1 or later. For Juniper Networks Junos OS 21.4 versions prior to 21.4R2-S1, 21.4R3, update to version 21.4R2-S1 or later, or apply the 21.4R3 patch. For Juniper Networks Junos OS 22.1 versions prior to 22.1R2, update to version 22.1R2 or later. For Juniper Networks Junos OS 22.2 versions prior to 22.2R2, update to version 22.2R2 or later.