First published: Thu Jan 12 2023(Updated: )
A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In an MPLS scenario specific packets destined to an Integrated Routing and Bridging (irb) interface of the device will cause a buffer (mbuf) to leak. Continued receipt of these specific packets will eventually cause a loss of connectivity to and from the device, and requires a reboot to recover. These mbufs can be monitored by using the CLI command 'show system buffers': user@host> show system buffers 783/1497/2280 mbufs in use (current/cache/total) user@host> show system buffers 793/1487/2280 mbufs in use (current/cache/total) <<<<<< mbuf usage increased This issue affects Juniper Networks Junos OS: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R2.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper Junos | <19.3 | |
Juniper Junos | =19.3 | |
Juniper Junos | =19.3-r1 | |
Juniper Junos | =19.3-r1-s1 | |
Juniper Junos | =19.3-r2 | |
Juniper Junos | =19.3-r2-s1 | |
Juniper Junos | =19.3-r2-s2 | |
Juniper Junos | =19.3-r2-s3 | |
Juniper Junos | =19.3-r2-s4 | |
Juniper Junos | =19.3-r2-s5 | |
Juniper Junos | =19.3-r2-s6 | |
Juniper Junos | =19.3-r3 | |
Juniper Junos | =19.3-r3-s1 | |
Juniper Junos | =19.3-r3-s2 | |
Juniper Junos | =19.3-r3-s3 | |
Juniper Junos | =19.3-r3-s4 | |
Juniper Junos | =19.3-r3-s5 | |
Juniper Junos | =19.3-r3-s6 | |
Juniper Junos | =19.4 | |
Juniper Junos | =19.4-r1 | |
Juniper Junos | =19.4-r1-s1 | |
Juniper Junos | =19.4-r1-s2 | |
Juniper Junos | =19.4-r1-s3 | |
Juniper Junos | =19.4-r1-s4 | |
Juniper Junos | =19.4-r2 | |
Juniper Junos | =19.4-r2-s1 | |
Juniper Junos | =19.4-r2-s2 | |
Juniper Junos | =19.4-r2-s3 | |
Juniper Junos | =19.4-r2-s4 | |
Juniper Junos | =19.4-r2-s5 | |
Juniper Junos | =19.4-r2-s6 | |
Juniper Junos | =19.4-r2-s7 | |
Juniper Junos | =19.4-r3 | |
Juniper Junos | =19.4-r3-s1 | |
Juniper Junos | =19.4-r3-s2 | |
Juniper Junos | =19.4-r3-s3 | |
Juniper Junos | =19.4-r3-s4 | |
Juniper Junos | =19.4-r3-s5 | |
Juniper Junos | =19.4-r3-s6 | |
Juniper Junos | =19.4-r3-s7 | |
Juniper Junos | =19.4-r3-s8 | |
Juniper Junos | =19.4-r3-s9 | |
Juniper Junos | =20.1-r1 | |
Juniper Junos | =20.1-r1-s1 | |
Juniper Junos | =20.1-r1-s2 | |
Juniper Junos | =20.1-r1-s3 | |
Juniper Junos | =20.1-r1-s4 | |
Juniper Junos | =20.1-r2 | |
Juniper Junos | =20.1-r2-s1 | |
Juniper Junos | =20.1-r2-s2 | |
Juniper Junos | =20.1-r3 | |
Juniper Junos | =20.1-r3-s1 | |
Juniper Junos | =20.1-r3-s2 | |
Juniper Junos | =20.1-r3-s3 | |
Juniper Junos | =20.1-r3-s4 | |
Juniper Junos | =20.2 | |
Juniper Junos | =20.2-r1 | |
Juniper Junos | =20.2-r1-s1 | |
Juniper Junos | =20.2-r1-s2 | |
Juniper Junos | =20.2-r1-s3 | |
Juniper Junos | =20.2-r2 | |
Juniper Junos | =20.2-r2-s1 | |
Juniper Junos | =20.2-r2-s2 | |
Juniper Junos | =20.2-r2-s3 | |
Juniper Junos | =20.2-r3 | |
Juniper Junos | =20.2-r3-s1 | |
Juniper Junos | =20.2-r3-s2 | |
Juniper Junos | =20.2-r3-s3 | |
Juniper Junos | =20.2-r3-s4 | |
Juniper Junos | =20.3 | |
Juniper Junos | =20.3-r1 | |
Juniper Junos | =20.3-r1-s1 | |
Juniper Junos | =20.3-r1-s2 | |
Juniper Junos | =20.3-r2 | |
Juniper Junos | =20.3-r2-s1 | |
Juniper Junos | =20.3-r3 | |
Juniper Junos | =20.3-r3-s1 | |
Juniper Junos | =20.3-r3-s2 | |
Juniper Junos | =20.3-r3-s3 | |
Juniper Junos | =20.3-r3-s4 | |
Juniper Junos | =20.4 | |
Juniper Junos | =20.4-r1 | |
Juniper Junos | =20.4-r1-s1 | |
Juniper Junos | =20.4-r2 | |
Juniper Junos | =20.4-r2-s1 | |
Juniper Junos | =20.4-r2-s2 | |
Juniper Junos | =20.4-r3 | |
Juniper Junos | =20.4-r3-s1 | |
Juniper Junos | =20.4-r3-s2 | |
Juniper Junos | =20.4-r3-s3 | |
Juniper Junos | =21.1 | |
Juniper Junos | =21.1-r1 | |
Juniper Junos | =21.1-r1-s1 | |
Juniper Junos | =21.1-r2 | |
Juniper Junos | =21.1-r2-s1 | |
Juniper Junos | =21.1-r2-s2 | |
Juniper Junos | =21.1-r3 | |
Juniper Junos | =21.1-r3-s1 | |
Juniper Junos | =21.1-r3-s2 | |
Juniper Junos | =21.2 | |
Juniper Junos | =21.2-r1 | |
Juniper Junos | =21.2-r1-s1 | |
Juniper Junos | =21.2-r1-s2 | |
Juniper Junos | =21.2-r2 | |
Juniper Junos | =21.2-r2-s1 | |
Juniper Junos | =21.2-r2-s2 | |
Juniper Junos | =21.2-r3 | |
Juniper Junos | =21.2-r3-s1 | |
Juniper Junos | =21.3 | |
Juniper Junos | =21.3-r1 | |
Juniper Junos | =21.3-r1-s1 | |
Juniper Junos | =21.3-r1-s2 | |
Juniper Junos | =21.3-r2 | |
Juniper Junos | =21.3-r2-s1 | |
Juniper Junos | =21.3-r2-s2 | |
Juniper Junos | =21.3-r3 | |
Juniper Junos | =21.4 | |
Juniper Junos | =21.4-r1 | |
Juniper Junos | =21.4-r1-s1 | |
Juniper Junos | =21.4-r1-s2 | |
Juniper Junos | =21.4-r2 | |
Juniper Junos | =21.4-r2-s1 | |
Juniper Junos | =22.1-r1 | |
Juniper Junos | =22.1-r1-s1 |
The following software releases have been updated to resolve this specific issue: 19.3R3-S7, 19.4R3-S9, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S3, 21.2R3-S2, 21.3R3-S1, 21.4R3, 22.1R2, 22.2R1, and all subsequent releases.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-22395 has a severity rating that indicates it can allow unauthenticated, adjacent attackers to cause a Denial of Service (DoS).
To address CVE-2023-22395, it is recommended to update to the patched versions of Junos OS as specified in the vendor's advisory.
CVE-2023-22395 affects multiple versions of Junos OS up to 19.3, along with specific builds of versions 19.4 and later.
CVE-2023-22395 enables attackers to perform a Denial of Service (DoS) attack by sending specific packets in an MPLS scenario.
If running an affected version of Junos OS, promptly apply the security updates released by Juniper Networks to mitigate the vulnerability.