CVE-2024-39547 – Junos OS and Junos OS Evolved: cRPD: Receipt of crafted TCP traffic can trigger high CPU utilization
https://notcve.org/view.php?id=CVE-2024-39547
An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending crafted TCP traffic to the routing engine (RE) to cause a CPU-based Denial of Service (DoS). If specially crafted TCP traffic is received by the control plane, or a TCP session terminates unexpectedly, it will cause increased control plane CPU utilization by the rpd-server process. While not explicitly required, the impact is more severe when RIB sharding is enabled. Task accounting shows unexpected reads by the RPD Server jobs for shards: user@junos> show task accounting detail ... read:RPD Server.0.0.0.0+780.192.168.0.78+48886 TOT:00000003.00379787 MAX:00000000.00080516 RUNS: 233888\ read:RPD Server.0.0.0.0+780.192.168.0.78+49144 TOT:00000004.00007565 MAX:00000000.00080360 RUNS: 233888\ read:RPD Server.0.0.0.0+780.192.168.0.78+49694 TOT:00000003.00600584 MAX:00000000.00080463 RUNS: 233888\ read:RPD Server.0.0.0.0+780.192.168.0.78+50246 TOT:00000004.00346998 MAX:00000000.00080338 RUNS: 233888\ This issue affects: Junos OS with cRPD: * All versions before 21.2R3-S8, * 21.4 before 21.4R3-S7, * 22.1 before 22.1R3-S6, * 22.2 before 22.2R3-S4, * 22.3 before 22.3R3-S3, * 22.4 before 22.4R3-S2, * 23.2 before 23.2R2-S2, * 24.2 before 24.2R2; Junos OS Evolved with cRPD: * All versions before 21.4R3-S7-EVO, * 22.2 before 22.2R3-S4-EVO, * 22.3 before 22.3R3-S3-EVO, * 22.4 before 22.4R3-S2-EVO, * 23.2 before 23.2R2-EVO. • https://supportportal.juniper.net/JSA88108 • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2024-39526 – Junos OS and Junos OS Evolved: MX Series with MPC10/MPC11/LC9600, MX304, EX9200, PTX Series: Receipt of malformed DHCP packets causes interfaces to stop processing packets
https://notcve.org/view.php?id=CVE-2024-39526
An Improper Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on MX Series with MPC10/MPC11/LC9600 line cards, EX9200 with EX9200-15C lines cards, MX304 devices, and Juniper Networks Junos OS Evolved on PTX Series, allows an attacker sending malformed DHCP packets to cause ingress packet processing to stop, leading to a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue only occurs if DHCP snooping is enabled. ... Their output will display the interface status going down: user@device>show interfaces <if--x/x/x> user@device>show log messages | match <if--x/x/x> user@device>show log messages ==> will display the "[Error] Wedge-Detect : Host Loopback Wedge Detected: PFE: no," logs. This issue affects: Junos OS on MX Series with MPC10/MPC11/LC9600 line cards, EX9200 with EX9200-15C line cards, and MX304: * All versions before 21.2R3-S7, * from 21.4 before 21.4R3-S6, * from 22.2 before 22.2R3-S3, * all versions of 22.3, * from 22.4 before 22.4R3, * from 23.2 before 23.2R2; Junos OS Evolved on PTX Series: * from 19.3R1-EVO before 21.2R3-S8-EVO, * from 21.4-EVO before 21.4R3-S7-EVO, * from 22.1-EVO before 22.1R3-S6-EVO, * from 22.2-EVO before 22.2R3-S5-EVO, * from 22.3-EVO before 22.3R3-S3-EVO, * from 22.4-EVO before 22.4R3-S1-EVO, * from 23.2-EVO before 23.2R2-S2-EVO, * from 23.4-EVO before 23.4R2-EVO. Junos OS Evolved releases prior to 19.3R1-EVO are unaffected by this vulnerability • https://supportportal.juniper.net/JSA88103 • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2024-45396 – Quicly assertion failures
https://notcve.org/view.php?id=CVE-2024-45396
Quicly up to commtit d720707 is susceptible to a denial-of-service attack. • https://github.com/h2o/quicly/commit/2a95896104901589c495bc41460262e64ffcad5c https://github.com/h2o/quicly/security/advisories/GHSA-mp3c-h5gg-mm6p • CWE-617: Reachable Assertion •
CVE-2024-45403 – H2O assertion failure when HTTP/3 requests are cancelled
https://notcve.org/view.php?id=CVE-2024-45403
The crash can be exploited by an attacker to mount a Denial-of-Service attack. ... Users may disable the use of HTTP/3 to mitigate the issue. • https://github.com/h2o/h2o/commit/16b13eee8ad7895b4fe3fcbcabee53bd52782562 https://github.com/h2o/h2o/commit/1ed32b23f999acf0c5029f09c8525f93eb1d354c https://github.com/h2o/h2o/security/advisories/GHSA-4xp5-3jhc-3m92 https://h2o.examp1e.net/configure/http3_directives.html • CWE-617: Reachable Assertion •
CVE-2024-6657 – BLE peripheral DoS after few cycles of connect/disconnects
https://notcve.org/view.php?id=CVE-2024-6657
A denial of service may be caused to a single peripheral device in a BLE network when multiple central devices continuously connect and disconnect to the peripheral. • https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/069Vm00000E9IIbIAN?operationContext=S1 https://community.silabs.com/068Vm00000FfVNN • CWE-821: Incorrect Synchronization •