Time-of-check time-of-use (toctou) race condition in Junos OS Evolved - CVE-2023-22397
Published: January 11, 2023
Vulnerability identifier: #VU82470
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-22397
CWE-ID: CWE-367
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vulnerable software:
Junos OS Evolved
Junos OS Evolved
Software vendor:
Juniper Networks, Inc.
Juniper Networks, Inc.
Description
The vulnerability allows a remote non-authenticated attacker to a crash the entire system.
An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain specific genuine packets to begin a Time-of-check Time-of-use (TOCTOU) Race Condition attack which will cause a memory leak to begin. Once this condition begins, and as long as the attacker is able to sustain the offending traffic, a Distributed Denial of Service (DDoS) event occurs.
Remediation
Install updates from vendor's website.