CVE-2023-44204

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 21.4R3-S4 Juniper Networks Junos OS versions prior to 22.1R3-S3 Juniper Networks Junos OS versions prior to 22.2R3-S2 Juniper Networks Junos OS versions prior to 22.3R2-S2, 22.3R3 Juniper Networks Junos OS versions prior to 22.4R2-S1, 22.4R3 Juniper Networks Junos OS versions prior to 23.2R1, 23.2R2 Juniper Networks Junos OS Evolved versions prior to 21.4R3-S5-EVO Juniper Networks Junos OS Evolved versions prior to 22.1R3-S3-EVO Juniper Networks Junos OS Evolved versions prior to 22.2R3-S3-EVO Juniper Networks Junos OS Evolved versions prior to 22.3R2-S2-EVO Juniper Networks Junos OS Evolved versions prior to 22.4R3-EVO Juniper Networks Junos OS Evolved versions prior to 23.2R2-EVO

Description An Improper Validation of Syntactic Correctness of Input issue in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, the rpd crashes and restarts. This issue affects both eBGP and iBGP implementations.

Recommendations For Juniper Networks Junos OS version 21.4, update to 21.4R3-S4 or later. For Juniper Networks Junos OS version 22.1, update to 22.1R3-S3 or later. For Juniper Networks Junos OS version 22.2, update to 22.2R3-S2 or later. For Juniper Networks Junos OS version 22.3, update to 22.3R2-S2, 22.3R3 or later. For Juniper Networks Junos OS version 22.4, update to 22.4R2-S1, 22.4R3 or later. For Juniper Networks Junos OS version 23.2, update to 23.2R1, 23.2R2 or later. For Juniper Networks Junos OS Evolved version 21.4, update to 21.4R3-S5-EVO or later. For Juniper Networks Junos OS Evolved version 22.1, update to 22.1R3-S3-EVO or later. For Juniper Networks Junos OS Evolved version 22.2, update to 22.2R3-S3-EVO or later. For Juniper Networks Junos OS Evolved version 22.3, update to 22.3R2-S2-EVO or later. For Juniper Networks Junos OS Evolved version 22.4, update to 22.4R3-EVO or later. For Juniper Networks Junos OS Evolved version 23.2, update to 23.2R2-EVO or later.