CVE-2023-36835

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on QFX10000 versions 20.3R1 through 22.3R2

Description The issue is related to an Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series. This vulnerability allows a network-based attacker to cause a Denial of Service (DoS) by sending a specific valid IP packet that needs to be routed over a VXLAN tunnel, resulting in a PFE wedge condition. The condition persists until the system is rebooted to recover.

Recommendations For versions 20.3R1 and later, update to a version after 22.3R2. For versions 20.4 prior to 20.4R3-S5, update to 20.4R3-S5 or later. For versions 21.1 prior to 21.1R3-S5, update to 21.1R3-S5 or later. For versions 21.2 prior to 21.2R3-S5, update to 21.2R3-S5 or later. For versions 21.3 prior to 21.3R3-S4, update to 21.3R3-S4 or later. For versions 21.4 prior to 21.4R3-S1, update to 21.4R3-S1 or later. For versions 22.1 prior to 22.1R3, update to 22.1R3 or later. For versions 22.2 prior to 22.2R2, update to 22.2R2 or later. For versions 22.3 prior to 22.3R1-S2 and 22.3R2, update to 22.3R1-S2 or 22.3R2 or later.