// For flags

CVE-2023-44188

Junos OS: jkdsd crash due to multiple telemetry requests

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, leading to a Denial of Service (DoS). Continued receipt and processing of telemetry requests will repeatedly crash the jkdsd process and sustain the Denial of Service (DoS) condition.

This issue is seen on all Junos platforms. The crash is triggered when multiple telemetry requests come from different collectors. As the load increases, the Dynamic Rendering Daemon (drend) decides to defer processing and continue later, which results in a timing issue accessing stale memory, causing the jkdsd process to crash and restart.

Note: jkdsd is not shipped with SRX Series devices and therefore are not affected by this vulnerability.
This issue affects:

Juniper Networks Junos OS:



* 20.4 versions prior to 20.4R3-S9;
* 21.1 versions 21.1R1 and later;
* 21.2 versions prior to 21.2R3-S6;
* 21.3 versions prior to 21.3R3-S5;
* 21.4 versions prior to 21.4R3-S5;
* 22.1 versions prior to 22.1R3-S4;
* 22.2 versions prior to 22.2R3-S2;
* 22.3 versions prior to 22.3R2-S1, 22.3R3-S1;
* 22.4 versions prior to 22.4R2-S2, 22.4R3;
* 23.1 versions prior to 23.1R2.




This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.

Una vulnerabilidad de condición de ejecución de Tiempo de Verificación y Tiempo de Uso (TOCTOU) en el procesamiento de telemetría de Juniper Networks Junos OS permite que un atacante autenticado basado en red inunde el sistema con múltiples solicitudes de telemetría, lo que provoca que Junos Kernel Debugging Streaming Daemon (jkdsd ) falle el proceso, lo que provoca una Denegación de Servicio (DoS). La recepción y el procesamiento continuo de solicitudes de telemetría bloquearán repetidamente el proceso jkdsd y mantendrán la condición de Denegación de Servicio (DoS). Este problema se observa en todas las plataformas Junos. El bloqueo se desencadena cuando varias solicitudes de telemetría provienen de diferentes recopiladores. A medida que aumenta la carga, el Dynamic Rendering Daemon (drend) decide posponer el procesamiento y continuar más tarde, lo que genera un problema de sincronización al acceder a la memoria obsoleta, lo que provoca que el proceso jkdsd falle y se reinicie. Nota: jkdsd no se envía con los dispositivos de la serie SRX y, por lo tanto, no se ve afectado por esta vulnerabilidad. Este problema afecta a: Juniper Networks Junos OS: * Versiones 20.4 anteriores a 20.4R3-S9; * 21.1 versiones 21.1R1 y posteriores; * Versiones 21.2 anteriores a 21.2R3-S6; * Versiones 21.3 anteriores a 21.3R3-S5; * Versiones 21.4 anteriores a 21.4R3-S5; * Versiones 22.1 anteriores a 22.1R3-S4; * Versiones 22.2 anteriores a 22.2R3-S2; * Versiones 22.3 anteriores a 22.3R2-S1, 22.3R3-S1; * Versiones 22.4 anteriores a 22.4R2-S2, 22.4R3; * Versiones 23.1 anteriores a 23.1R2; * Versiones 23.2 anteriores a 23.2R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 19.4R1.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-09-26 CVE Reserved
  • 2023-10-11 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-10-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
> 19.4 < 20.4
Search vendor "Juniper" for product "Junos" and version " > 19.4 < 20.4"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s5
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s6
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s7
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
20.4
Search vendor "Juniper" for product "Junos" and version "20.4"
r3-s8
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r3-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r3-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r3-s3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r3-s4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.1
Search vendor "Juniper" for product "Junos" and version "21.1"
r3-s5
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r3-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r3-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r3-s3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r3-s4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.2
Search vendor "Juniper" for product "Junos" and version "21.2"
r3-s5
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r3-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r3-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r3-s3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.3
Search vendor "Juniper" for product "Junos" and version "21.3"
r3-s4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r3-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r3-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r3-s3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r3-s4
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r3-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r3-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r3-s3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r3-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.3
Search vendor "Juniper" for product "Junos" and version "22.3"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.3
Search vendor "Juniper" for product "Junos" and version "22.3"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.3
Search vendor "Juniper" for product "Junos" and version "22.3"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.3
Search vendor "Juniper" for product "Junos" and version "22.3"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.3
Search vendor "Juniper" for product "Junos" and version "22.3"
r3
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.4
Search vendor "Juniper" for product "Junos" and version "22.4"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.4
Search vendor "Juniper" for product "Junos" and version "22.4"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.4
Search vendor "Juniper" for product "Junos" and version "22.4"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.4
Search vendor "Juniper" for product "Junos" and version "22.4"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.4
Search vendor "Juniper" for product "Junos" and version "22.4"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
23.1
Search vendor "Juniper" for product "Junos" and version "23.1"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
23.2
Search vendor "Juniper" for product "Junos" and version "23.2"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
23.2
Search vendor "Juniper" for product "Junos" and version "23.2"
r1-s1
Affected