CVE-2023-28959
Gravedad CVSS v3.1:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
17/04/2023
Última modificación:
28/04/2023
Descripción
*** Pendiente de traducción *** An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to wedge and to eventually restart, resulting in a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue can only be triggered by sending a specific malformed packet to the device. Transit traffic does not trigger this issue. An indication of this issue occurring can be seen through the following log messages: fpc0 expr_hostbound_packet_handler: Receive pe 73? fpc0 Cmerror Op Set: PE Chip: PE0[0]: PGQ:misc_intr: 0x00000020: Enqueue of a packet with out-of-range VOQ in 192K-VOQ mode (URI: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL) The logs list below can also be observed when this issue occurs fpc0 Error: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL (0x210107), scope: pfe, category: functional, severity: major, module: PE Chip, type: Description for PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL fpc0 Performing action cmalarm for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_PGQ_MISC_INT_EVENTS_ENQ_192K_VIOL (0x210107) in module: PE Chip with scope: pfe category: functional level: major fpc0 Error: /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a), scope: pfe, category: functional, severity: fatal, module: PE Chip, type: Description for PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE fpc0 Performing action cmalarm for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a) in module: PE Chip with scope: pfe category: functional level: fatal fpc0 Performing action disable-pfe for error /fpc/0/pfe/0/cm/0/PE_Chip/0/PECHIP_CMERROR_CM_INT_REG_DCHK_PIPE (0x21011a) in module: PE Chip with scope: pfe category: functional level: fatal This issue affects Juniper Networks Junos OS on QFX10002: All versions prior to 19.1R3-S10; 19.4 versions prior to 19.4R3-S11; 20.2 versions prior to 20.2R3-S7; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2.
Impacto
Puntuación base 3.x
6.50
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* | 19.1 (excluyendo) | |
| cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r2-s3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página