Use after free in Junos OS Evolved



Risk: Medium
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2023-22402
CWE-ID: CWE-416
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Junos OS Evolved (Operating systems & Components / Operating system)
Vendor: Juniper Networks, Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Use after free

EUVDB-ID: #VU82486

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-22402

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error in the kernel. A remote non-authenticated attacker can cause a denial of service (DoS).

In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor flap of auto-discovery sessions for any reason.

This is a race condition that is outside of an attacker's direct control; whether the issue occurs depends on internal system timing.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Junos OS Evolved: 21.3R1-EVO - 22.2-EVO

External links

https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-Evolved-The-kernel-might-restart-in-a-BGP-scenario-where-bgp-auto-discovery-is-enabled-and-such-a-neighbor-flaps-CVE-2023-22402


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


