CVE-2023-1697: Junos OS: QFX10000 Series, PTX1000 Series: The dcpfe process will crash when a malformed ethernet frame is received
First published: Mon Apr 17 2023(Updated: )
An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS). Continued receipt of these specific frames will cause a sustained Denial of Service condition. This issue occurs when a specific malformed ethernet frame is received. This issue affects Juniper Networks Junos OS on QFX10000 Series, PTX1000 Series Series: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S1, 22.1R3; 22.2 versions prior to 22.2R1-S2, 22.2R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Junos OS Evolved | <19.4 | |
| Junos OS Evolved | =19.4 | |
| Junos OS Evolved | =19.4-r1 | |
| Junos OS Evolved | =19.4-r1-s1 | |
| Junos OS Evolved | =19.4-r1-s2 | |
| Junos OS Evolved | =19.4-r1-s3 | |
| Junos OS Evolved | =19.4-r1-s4 | |
| Junos OS Evolved | =19.4-r2 | |
| Junos OS Evolved | =19.4-r2-s1 | |
| Junos OS Evolved | =19.4-r2-s2 | |
| Junos OS Evolved | =19.4-r2-s3 | |
| Junos OS Evolved | =19.4-r2-s4 | |
| Junos OS Evolved | =19.4-r2-s5 | |
| Junos OS Evolved | =19.4-r2-s6 | |
| Junos OS Evolved | =19.4-r2-s7 | |
| Junos OS Evolved | =19.4-r3 | |
| Junos OS Evolved | =19.4-r3-s1 | |
| Junos OS Evolved | =19.4-r3-s2 | |
| Junos OS Evolved | =19.4-r3-s3 | |
| Junos OS Evolved | =19.4-r3-s4 | |
| Junos OS Evolved | =19.4-r3-s5 | |
| Junos OS Evolved | =19.4-r3-s6 | |
| Junos OS Evolved | =19.4-r3-s7 | |
| Junos OS Evolved | =19.4-r3-s8 | |
| Junos OS Evolved | =19.4-r3-s9 | |
| Junos OS Evolved | =20.1 | |
| Junos OS Evolved | =20.1-r1 | |
| Junos OS Evolved | =20.1-r1-s1 | |
| Junos OS Evolved | =20.1-r1-s2 | |
| Junos OS Evolved | =20.1-r1-s3 | |
| Junos OS Evolved | =20.1-r1-s4 | |
| Junos OS Evolved | =20.1-r2 | |
| Junos OS Evolved | =20.1-r2-s1 | |
| Junos OS Evolved | =20.1-r2-s2 | |
| Junos OS Evolved | =20.1-r3 | |
| Junos OS Evolved | =20.1-r3-s1 | |
| Junos OS Evolved | =20.1-r3-s2 | |
| Junos OS Evolved | =20.1-r3-s3 | |
| Junos OS Evolved | =20.1-r3-s4 | |
| Junos OS Evolved | =20.1-r3-s5 | |
| Junos OS Evolved | =20.2 | |
| Junos OS Evolved | =20.2-r1 | |
| Junos OS Evolved | =20.2-r1-s1 | |
| Junos OS Evolved | =20.2-r1-s2 | |
| Junos OS Evolved | =20.2-r1-s3 | |
| Junos OS Evolved | =20.2-r2 | |
| Junos OS Evolved | =20.2-r2-s1 | |
| Junos OS Evolved | =20.2-r2-s2 | |
| Junos OS Evolved | =20.2-r2-s3 | |
| Junos OS Evolved | =20.2-r3 | |
| Junos OS Evolved | =20.2-r3-s1 | |
| Junos OS Evolved | =20.2-r3-s2 | |
| Junos OS Evolved | =20.2-r3-s3 | |
| Junos OS Evolved | =20.2-r3-s4 | |
| Junos OS Evolved | =20.2-r3-s5 | |
| Junos OS Evolved | =20.3 | |
| Junos OS Evolved | =20.3-r1 | |
| Junos OS Evolved | =20.3-r1-s1 | |
| Junos OS Evolved | =20.3-r1-s2 | |
| Junos OS Evolved | =20.3-r2 | |
| Junos OS Evolved | =20.3-r2-s1 | |
| Junos OS Evolved | =20.3-r3 | |
| Junos OS Evolved | =20.3-r3-s1 | |
| Junos OS Evolved | =20.3-r3-s2 | |
| Junos OS Evolved | =20.3-r3-s3 | |
| Junos OS Evolved | =20.3-r3-s4 | |
| Junos OS Evolved | =20.3-r3-s5 | |
| Junos OS Evolved | =20.4 | |
| Junos OS Evolved | =20.4-r1 | |
| Junos OS Evolved | =20.4-r1-s1 | |
| Junos OS Evolved | =20.4-r2 | |
| Junos OS Evolved | =20.4-r2-s1 | |
| Junos OS Evolved | =20.4-r2-s2 | |
| Junos OS Evolved | =20.4-r3 | |
| Junos OS Evolved | =20.4-r3-s1 | |
| Junos OS Evolved | =20.4-r3-s2 | |
| Junos OS Evolved | =20.4-r3-s3 | |
| Junos OS Evolved | =20.4-r3-s4 | |
| Junos OS Evolved | =21.1 | |
| Junos OS Evolved | =21.1-r1 | |
| Junos OS Evolved | =21.1-r1-s1 | |
| Junos OS Evolved | =21.1-r2 | |
| Junos OS Evolved | =21.1-r2-s1 | |
| Junos OS Evolved | =21.1-r2-s2 | |
| Junos OS Evolved | =21.1-r3 | |
| Junos OS Evolved | =21.1-r3-s1 | |
| Junos OS Evolved | =21.1-r3-s2 | |
| Junos OS Evolved | =21.1-r3-s3 | |
| Junos OS Evolved | =21.2 | |
| Junos OS Evolved | =21.2-r1 | |
| Junos OS Evolved | =21.2-r1-s1 | |
| Junos OS Evolved | =21.2-r1-s2 | |
| Junos OS Evolved | =21.2-r2 | |
| Junos OS Evolved | =21.2-r2-s1 | |
| Junos OS Evolved | =21.2-r2-s2 | |
| Junos OS Evolved | =21.2-r3 | |
| Junos OS Evolved | =21.2-r3-s1 | |
| Junos OS Evolved | =21.2-r3-s2 | |
| Junos OS Evolved | =21.3 | |
| Junos OS Evolved | =21.3-r1 | |
| Junos OS Evolved | =21.3-r1-s1 | |
| Junos OS Evolved | =21.3-r1-s2 | |
| Junos OS Evolved | =21.3-r2 | |
| Junos OS Evolved | =21.3-r2-s1 | |
| Junos OS Evolved | =21.3-r2-s2 | |
| Junos OS Evolved | =21.3-r3 | |
| Junos OS Evolved | =21.3-r3-s1 | |
| Junos OS Evolved | =21.3-r3-s2 | |
| Junos OS Evolved | =21.4 | |
| Junos OS Evolved | =21.4-r1 | |
| Junos OS Evolved | =21.4-r1-s1 | |
| Junos OS Evolved | =21.4-r1-s2 | |
| Junos OS Evolved | =21.4-r2 | |
| Junos OS Evolved | =21.4-r2-s1 | |
| Junos OS Evolved | =21.4-r2-s2 | |
| Junos OS Evolved | =21.4-r3 | |
| Junos OS Evolved | =22.1-r1 | |
| Junos OS Evolved | =22.1-r1-s1 | |
| Junos OS Evolved | =22.1-r1-s2 | |
| Junos OS Evolved | =22.1-r2 | |
| Junos OS Evolved | =22.2-r1 | |
| Junos OS Evolved | =22.2-r1-s1 | |
| Juniper PTX1000 | ||
| Juniper Networks QFX-Series | ||
| Juniper QFX10002-60C | ||
| Juniper Networks QFX-Series | ||
| Juniper Networks QFX-Series |
Remedy
The following software releases have been updated to resolve this specific issue: 19.4R3-S10, 20.2R3-S6, 20.3R3-S6, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S3, 21.4R3-S1, 22.1R2-S1, 22.1R3, 22.2R1-S2, 22.2R2, 22.3R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-1697?
CVE-2023-1697 has been classified as a Denial of Service (DoS) vulnerability.
How do I fix CVE-2023-1697?
To remediate CVE-2023-1697, you should upgrade your Junos OS to a version that contains the patch for this vulnerability.
What is the impact of CVE-2023-1697 on Junos OS?
The impact of CVE-2023-1697 allows an unauthenticated adjacent attacker to cause a Denial of Service by triggering a core dump of the dcpfe process.
Which versions of Junos OS are affected by CVE-2023-1697?
CVE-2023-1697 affects several versions of Junos OS prior to 19.4 and includes specific 19.4 and later releases.
Can CVE-2023-1697 be exploited remotely?
No, CVE-2023-1697 requires the attacker to be adjacent to the vulnerable network segment to exploit the vulnerability.
- agent/type
- agent/author
- agent/references
- agent/weakness
- agent/severity
- agent/remedy
- agent/title
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/junos os evolved
- version/junos os evolved/19.4
- version/junos os evolved/19.4-r1
- version/junos os evolved/19.4-r1-s1
- version/junos os evolved/19.4-r1-s2
- version/junos os evolved/19.4-r1-s3
- version/junos os evolved/19.4-r1-s4
- version/junos os evolved/19.4-r2
- version/junos os evolved/19.4-r2-s1
- version/junos os evolved/19.4-r2-s2
- version/junos os evolved/19.4-r2-s3
- version/junos os evolved/19.4-r2-s4
- version/junos os evolved/19.4-r2-s5
- version/junos os evolved/19.4-r2-s6
- version/junos os evolved/19.4-r2-s7
- version/junos os evolved/19.4-r3
- version/junos os evolved/19.4-r3-s1
- version/junos os evolved/19.4-r3-s2
- version/junos os evolved/19.4-r3-s3
- version/junos os evolved/19.4-r3-s4
- version/junos os evolved/19.4-r3-s5
- version/junos os evolved/19.4-r3-s6
- version/junos os evolved/19.4-r3-s7
- version/junos os evolved/19.4-r3-s8
- version/junos os evolved/19.4-r3-s9
- version/junos os evolved/20.1
- version/junos os evolved/20.1-r1
- version/junos os evolved/20.1-r1-s1
- version/junos os evolved/20.1-r1-s2
- version/junos os evolved/20.1-r1-s3
- version/junos os evolved/20.1-r1-s4
- version/junos os evolved/20.1-r2
- version/junos os evolved/20.1-r2-s1
- version/junos os evolved/20.1-r2-s2
- version/junos os evolved/20.1-r3
- version/junos os evolved/20.1-r3-s1
- version/junos os evolved/20.1-r3-s2
- version/junos os evolved/20.1-r3-s3
- version/junos os evolved/20.1-r3-s4
- version/junos os evolved/20.1-r3-s5
- version/junos os evolved/20.2
- version/junos os evolved/20.2-r1
- version/junos os evolved/20.2-r1-s1
- version/junos os evolved/20.2-r1-s2
- version/junos os evolved/20.2-r1-s3
- version/junos os evolved/20.2-r2
- version/junos os evolved/20.2-r2-s1
- version/junos os evolved/20.2-r2-s2
- version/junos os evolved/20.2-r2-s3
- version/junos os evolved/20.2-r3
- version/junos os evolved/20.2-r3-s1
- version/junos os evolved/20.2-r3-s2
- version/junos os evolved/20.2-r3-s3
- version/junos os evolved/20.2-r3-s4
- version/junos os evolved/20.2-r3-s5
- version/junos os evolved/20.3
- version/junos os evolved/20.3-r1
- version/junos os evolved/20.3-r1-s1
- version/junos os evolved/20.3-r1-s2
- version/junos os evolved/20.3-r2
- version/junos os evolved/20.3-r2-s1
- version/junos os evolved/20.3-r3
- version/junos os evolved/20.3-r3-s1
- version/junos os evolved/20.3-r3-s2
- version/junos os evolved/20.3-r3-s3
- version/junos os evolved/20.3-r3-s4
- version/junos os evolved/20.3-r3-s5
- version/junos os evolved/20.4
- version/junos os evolved/20.4-r1
- version/junos os evolved/20.4-r1-s1
- version/junos os evolved/20.4-r2
- version/junos os evolved/20.4-r2-s1
- version/junos os evolved/20.4-r2-s2
- version/junos os evolved/20.4-r3
- version/junos os evolved/20.4-r3-s1
- version/junos os evolved/20.4-r3-s2
- version/junos os evolved/20.4-r3-s3
- version/junos os evolved/20.4-r3-s4
- version/junos os evolved/21.1
- version/junos os evolved/21.1-r1
- version/junos os evolved/21.1-r1-s1
- version/junos os evolved/21.1-r2
- version/junos os evolved/21.1-r2-s1
- version/junos os evolved/21.1-r2-s2
- version/junos os evolved/21.1-r3
- version/junos os evolved/21.1-r3-s1
- version/junos os evolved/21.1-r3-s2
- version/junos os evolved/21.1-r3-s3
- version/junos os evolved/21.2
- version/junos os evolved/21.2-r1
- version/junos os evolved/21.2-r1-s1
- version/junos os evolved/21.2-r1-s2
- version/junos os evolved/21.2-r2
- version/junos os evolved/21.2-r2-s1
- version/junos os evolved/21.2-r2-s2
- version/junos os evolved/21.2-r3
- version/junos os evolved/21.2-r3-s1
- version/junos os evolved/21.2-r3-s2
- version/junos os evolved/21.3
- version/junos os evolved/21.3-r1
- version/junos os evolved/21.3-r1-s1
- version/junos os evolved/21.3-r1-s2
- version/junos os evolved/21.3-r2
- version/junos os evolved/21.3-r2-s1
- version/junos os evolved/21.3-r2-s2
- version/junos os evolved/21.3-r3
- version/junos os evolved/21.3-r3-s1
- version/junos os evolved/21.3-r3-s2
- version/junos os evolved/21.4
- version/junos os evolved/21.4-r1
- version/junos os evolved/21.4-r1-s1
- version/junos os evolved/21.4-r1-s2
- version/junos os evolved/21.4-r2
- version/junos os evolved/21.4-r2-s1
- version/junos os evolved/21.4-r2-s2
- version/junos os evolved/21.4-r3
- version/junos os evolved/22.1-r1
- version/junos os evolved/22.1-r1-s1
- version/junos os evolved/22.1-r1-s2
- version/junos os evolved/22.1-r2
- version/junos os evolved/22.2-r1
- version/junos os evolved/22.2-r1-s1
- canonical/juniper ptx1000
- canonical/juniper networks qfx-series
- canonical/juniper qfx10002-60c