An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon (iked) of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec negotiation to trigger an iked crash leading to Denial of Service (DoS). This issue is applicable to all platforms that run iked. This issue affects Junos OS on SRX Series, MX Series with SPC3 and NFX350:  * All versions before 21.2R3-S8,  * from 21.4 before 21.4R3-S7,  * from 22.1 before 22.1R3-S2,  * from 22.2 before 22.2R3-S1,  * from 22.3 before 22.3R2-S1, 22.3R3,  * from 22.4 before 22.4R1-S2, 22.4R2, 22.4R3.

A Buffer Copy without Checking Size of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to send specific RPKI-RTR packets resulting in a crash, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects  Junos OS:  * All versions before 21.2R3-S8,  * from 21.4 before 21.4R3-S8, * from 22.2 before 22.2R3-S4,  * from 22.3 before 22.3R3-S3,  * from 22.4 before 22.4R3-S2,  * from 23.2 before 23.2R2-S1,  * from 23.4 before 23.4R2. Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * from 21.4 before 21.4R3-S8-EVO, * from 22.2 before 22.2R3-S4-EVO,  * from 22.3 before 22.3R3-S3-EVO, * from 22.4 before 22.4R3-S2-EVO,  * from 23.2 before 23.2R2-S1-EVO, * from 23.4 before 23.4R2-EVO.

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS). This issue can occur in two scenarios: 1. If a device, which is configured with SFLOW and ECMP, receives specific valid transit traffic, which is subject to sampling, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. (This scenario is only applicable to PTX but not to ACX or MX.) 2. If a device receives a malformed CFM packet on an interface configured with CFM, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. Please note that the CVSS score is for the formally more severe issue 1. The CVSS score for scenari…

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart. This issue affects: Junos OS: * 22.4 versions before 22.4R3-S1, * 23.2 versions before 23.2R2,  * 23.4 versions before 23.4R1-S1, 23.4R2,  This issue does not affect Junos OS versions earlier than 22.4R1. Junos OS Evolved: * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO, * 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO, This issue does not affect Junos OS Evolved versions earlier than before 22.4R1.

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on SRX Series, and MX Series with SPC3 allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When an affected device receives specific valid TCP traffic, the pfe crashes and restarts leading to a momentary but complete service outage. This issue affects Junos OS: 21.2 releases from 21.2R3-S5 before 21.2R3-S6. This issue does not affect earlier or later releases.

A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart. This issue affects Junos OS on MX Series: * All version before 21.2R3-S6, * 21.4 versions before 21.4R3-S6, * 22.1 versions before 22.1R3-S5, * 22.2 versions before 22.2R3-S3,  * 22.3 versions before 22.3R3-S2, * 22.4 versions before 22.4R3, * 23.2 versions before 23.2R2.

A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a  Denial-of-Service (DoS).When multicast traffic with a specific, valid (S,G) is received, evo-pfemand crashes which leads to an outage of the affected FPC until it is manually recovered. This issue affects Junos OS Evolved on ACX7000 Series: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO,  * 22.4-EVO versions before 22.4R3-S2-EVO,  * 23.2-EVO versions before 23.2R2-EVO,  * 23.4-EVO versions before 23.4R1-S2-EVO, 23.4R2-EVO.

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, specific processes which should only be able to communicate internally within the device can be reached over the network via open ports. This issue affects Junos OS Evolved on ACX 7000 Series: * All versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO, * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO, * 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO.

A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). When a BFD session configured with authentication flaps, ppmd memory can leak. Whether the leak happens depends on a race condition which is outside the attackers control. This issue only affects BFD operating in distributed aka delegated (which is the default behavior) or inline mode. Whether the leak occurs can be monitored with the following CLI command: > show ppm request-queue FPC     Pending-request fpc0                   2 request-total-pending: 2 where a continuously increasing number of pending requests is indicative of the leak.  This issue affects: Junos OS: * All versions before 21.2R3-S8, * 21.4 versions before 21.4R3-S7, * 22.1 versions before 22.1R3-S4, * 22.2 versions before 22.2R3-S4, * 22…

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS). When a device has a Layer 3 or an IRB interface configured in a VPLS instance and specific traffic is received, the evo-pfemand processes crashes which causes a service outage for the respective FPC until the system is recovered manually. This issue only affects Junos OS Evolved 22.4R2-S1 and 22.4R2-S2 releases and is fixed in 22.4R3. No other releases are affected.