// For flags

CVE-2024-21611

Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

In a Juniper Flow Monitoring (jflow) scenario route churn that causes BGP next hops to be updated will cause a slow memory leak and eventually a crash and restart of rpd.

Thread level memory utilization for the areas where the leak occurs can be checked using the below command:

user@host> show task memory detail | match so_in
so_in6 28 32 344450 11022400 344760 11032320
so_in 8 16 1841629 29466064 1841734 29467744
This issue affects:

Junos OS



* 21.4 versions earlier than 21.4R3;
* 22.1 versions earlier than 22.1R3;
* 22.2 versions earlier than 22.2R3.




Junos OS Evolved



* 21.4-EVO versions earlier than 21.4R3-EVO;
* 22.1-EVO versions earlier than 22.1R3-EVO;
* 22.2-EVO versions earlier than 22.2R3-EVO.




This issue does not affect:

Juniper Networks Junos OS versions earlier than 21.4R1.

Juniper Networks Junos OS Evolved versions earlier than 21.4R1.

Una vulnerabilidad de liberación de memoria faltante después de la vida útil efectiva en Routing Protocol Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante basado en red no autenticado provoque una denegación de servicio (DoS). En un escenario de Juniper Flow Monitoring (jflow), la rotación de rutas que hace que los siguientes saltos de BGP se actualicen provocará una pérdida de memoria lenta y, finalmente, un bloqueo y reinicio de rpd. La utilización de la memoria a nivel de subproceso para las áreas donde se produce la fuga se puede verificar usando el siguiente comando: user@host> show task memory detail | match so_in so_in6 28 32 344450 11022400 344760 11032320 so_in 8 16 1841629 29466064 1841734 29467744. Este problema afecta a: Junos OS * 21.4 versiones anteriores a 21.4R3; * Versiones 22.1 anteriores a 22.1R3; * Versiones 22.2 anteriores a 22.2R3. Junos OS Evolved * Versiones 21.4-EVO anteriores a 21.4R3-EVO; * Versiones 22.1-EVO anteriores a 22.1R3-EVO; * Versiones 22.2-EVO anteriores a 22.2R3-EVO. Este problema no afecta a: versiones de Juniper Networks Junos OS anteriores a 21.4R1. Versiones evolucionadas de Juniper Networks Junos OS anteriores a 21.4R1.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-12-27 CVE Reserved
  • 2024-01-12 CVE Published
  • 2024-01-19 EPSS Updated
  • 2024-08-01 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-401: Missing Release of Memory after Effective Lifetime
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
21.4
Search vendor "Juniper" for product "Junos" and version "21.4"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.1
Search vendor "Juniper" for product "Junos" and version "22.1"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
-
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r2
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos
Search vendor "Juniper" for product "Junos"
22.2
Search vendor "Juniper" for product "Junos" and version "22.2"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
21.4
Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4"
-
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
21.4
Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4"
r1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
21.4
Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
21.4
Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
21.4
Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4"
r2
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
21.4
Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
21.4
Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4"
r2-s2
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.1
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.1"
-
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.1
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.1"
r1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.1
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.1"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.1
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.1"
r1-s2
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.1
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.1"
r2
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.1
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.1"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.2
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.2"
-
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.2
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.2"
r1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.2
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.2"
r1-s1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.2
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.2"
r2
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.2
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.2"
r2-s1
Affected
Juniper
Search vendor "Juniper"
Junos Os Evolved
Search vendor "Juniper" for product "Junos Os Evolved"
22.2
Search vendor "Juniper" for product "Junos Os Evolved" and version "22.2"
r2-s2
Affected