CVE-2023-36841
CVSS V2 None
CVSS V3 None
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS).
An attacker who sends malformed TCP traffic via an interface configured with PPPoE, causes an infinite loop on the respective PFE. This results in consuming all resources and a manual restart is needed to recover.
This issue affects interfaces with PPPoE configured and tcp-mss enabled.
This issue affects Juniper Networks Junos OS
* All versions prior to 20.4R3-S7;
* 21.1 version 21.1R1 and later versions;
* 21.2 versions prior to 21.2R3-S6;
* 21.3 versions prior to 21.3R3-S5;
* 21.4 versions prior to 21.4R3-S3;
* 22.1 versions prior to 22.1R3-S4;
* 22.2 versions prior to 22.2R3;
* 22.3 versions prior to 22.3R2-S2;
* 22.4 versions prior to 22.4R2;
Overview
- CVE ID
- CVE-2023-36841
- Assigner
- juniper
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-10-12T22:58:14.922Z
- Last Modified Date
- 2023-10-12T22:58:14.922Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://supportportal.juniper.net/JSA73172 | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-36841 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36841 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 16:45:46 | Added to TrackCVE |