CVE-2024-30386
Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon (l2ald)
of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service (DoS).
In an EVPN-VXLAN scenario, when
state updates are received and processed by the affected system, the correct order of some processing steps is not ensured, which can lead to an l2ald crash and restart. Whether the crash occurs depends on system internal timing which is outside the attackers control.
This issue affects:
Junos OS:
* All versions before 20.4R3-S8,
* 21.2 versions before 21.2R3-S6,
* 21.3 versions before 21.3R3-S5,
* 21.4 versions before 21.4R3-S4,
* 22.1 versions before 22.1R3-S3,
* 22.2 versions before 22.2R3-S1,
* 22.3 versions before 22.3R3,,
* 22.4 versions before 22.4R2;
Junos OS Evolved:
* All versions before 20.4R3-S8-EVO,
* 21.2-EVO versions before 21.2R3-S6-EVO,
* 21.3-EVO
versions before 21.3R3-S5-EVO,
* 21.4-EVO
versions before 21.4R3-S4-EVO,
* 22.1-EVO
versions before 22.1R3-S3-EVO,
* 22.2-EVO
versions before 22.2R3-S1-EVO,
* 22.3-EVO
versions before 22.3R3-EVO,
* 22.4-EVO
versions before 22.4R2-EVO.
Una vulnerabilidad de Use-After-Free en el daemon de aprendizaje de direcciones de capa 2 (l2ald) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante adyacente no autenticado provoque que l2ald falle, lo que provoca una denegación de servicio (DoS). En un escenario EVPN-VXLAN, cuando el sistema afectado recibe y procesa actualizaciones de estado, no se garantiza el orden correcto de algunos pasos de procesamiento, lo que puede provocar un bloqueo y reinicio de l2ald. Que se produzca el fallo depende de la sincronización interna del sistema, que está fuera del control de los atacantes. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 20.4R3-S8, * Versiones 21.2 anteriores a 21.2R3-S6, * Versiones 21.3 anteriores a 21.3R3-S5, * Versiones 21.4 anteriores a 21.4R3-S4, * Versiones 22.1 anteriores a 22.1R3- S3, * 22.2 versiones anteriores a 22.2R3-S1, * 22.3 versiones anteriores a 22.3R3, * 22.4 versiones anteriores a 22.4R2; Junos OS Evolved: * Todas las versiones anteriores a 20.4R3-S8-EVO, * Versiones 21.2-EVO anteriores a 21.2R3-S6-EVO, * Versiones 21.3-EVO anteriores a 21.3R3-S5-EVO, * Versiones 21.4-EVO anteriores a 21.4R3- S4-EVO, *versiones 22.1-EVO anteriores a 22.1R3-S3-EVO, *versiones 22.2-EVO anteriores a 22.2R3-S1-EVO, *versiones 22.3-EVO anteriores a 22.3R3-EVO, *versiones 22.4-EVO anteriores a 22.4R2- EVO.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-26 CVE Reserved
- 2024-04-12 CVE Published
- 2024-04-21 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L | Technical Description |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://supportportal.juniper.net/JSA79184 | 2024-05-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | < 20.4R3-S8 Search vendor "Juniper Networks" for product "Junos OS" and version " < 20.4R3-S8" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 21.2 < 21.2R3-S6 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.2 < 21.2R3-S6" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 21.3 < 21.3R3-S5 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.3 < 21.3R3-S5" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 21.4 < 21.4R3-S4 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 21.4 < 21.4R3-S4" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 22.1 < 22.1R3-S3 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 22.1 < 22.1R3-S3" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 22.2 < 22.2R3-S1 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 22.2 < 22.2R3-S1" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 22.3 < 22.3R3 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 22.3 < 22.3R3" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Search vendor "Juniper Networks" for product "Junos OS" | >= 22.4 < 22.4R2 Search vendor "Juniper Networks" for product "Junos OS" and version " >= 22.4 < 22.4R2" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | < 20.4R3-S8-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " < 20.4R3-S8-EVO" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 21.2-EVO < 21.2R3-S6-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 21.2-EVO < 21.2R3-S6-EVO" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 21.3-EVO < 21.3R3-S5-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 21.3-EVO < 21.3R3-S5-EVO" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 21.4-EVO < 21.4R3-S4-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 21.4-EVO < 21.4R3-S4-EVO" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 22.1-EVO < 22.1R3-S3-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 22.1-EVO < 22.1R3-S3-EVO" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 22.2-EVO < 22.2R3-S1-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 22.2-EVO < 22.2R3-S1-EVO" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 22.3-EVO < 22.3R3-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 22.3-EVO < 22.3R3-EVO" | en |
Affected
| ||||||
| Juniper Networks Search vendor "Juniper Networks" | Junos OS Evolved Search vendor "Juniper Networks" for product "Junos OS Evolved" | >= 22.4-EVO < 22.4R2-EVO Search vendor "Juniper Networks" for product "Junos OS Evolved" and version " >= 22.4-EVO < 22.4R2-EVO" | en |
Affected
| ||||||