CVE-2024-21613

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 21.2R3-S3 Juniper Networks Junos OS versions 21.3 prior to 21.3R3-S5 Juniper Networks Junos OS versions 21.4 prior to 21.4R3-S3 Juniper Networks Junos OS versions 22.1 prior to 22.1R3 Juniper Networks Junos OS versions 22.2 prior to 22.2R3 Juniper Networks Junos OS Evolved versions prior to 21.3R3-S5-EVO Juniper Networks Junos OS Evolved versions 21.4 prior to 21.4R3-EVO Juniper Networks Junos OS Evolved versions 22.1 prior to 22.1R3-EVO Juniper Networks Junos OS Evolved versions 22.2 prior to 22.2R3-EVO

Description A Missing Release of Memory after Effective Lifetime issue in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause an rpd crash, leading to Denial of Service (DoS). When traffic engineering is enabled for OSPF or ISIS, and a link flaps, a patroot memory leak is observed, which over time will lead to an rpd crash and restart. The memory usage can be monitored using the command show task memory detail | match patroot.

Recommendations For Juniper Networks Junos OS versions prior to 21.2R3-S3, update to version 21.2R3-S3 or later. For Juniper Networks Junos OS versions 21.3 prior to 21.3R3-S5, update to version 21.3R3-S5 or later. For Juniper Networks Junos OS versions 21.4 prior to 21.4R3-S3, update to version 21.4R3-S3 or later. For Juniper Networks Junos OS versions 22.1 prior to 22.1R3, update to version 22.1R3 or later. For Juniper Networks Junos OS versions 22.2 prior to 22.2R3, update to version 22.2R3 or later. For Juniper Networks Junos OS Evolved versions prior to 21.3R3-S5-EVO, update to version 21.3R3-S5-EVO or later. For Juniper Networks Junos OS Evolved versions 21.4 prior to 21.4R3-EVO, update to version 21.4R3-EVO or later. For Juniper Networks Junos OS Evolved versions 22.1 prior to 22.1R3-EVO, update to version 22.1R3-EVO or later. For Juniper Networks Junos OS Evolved versions 22.2 prior to 22.2R3-EVO, update to version 22.2R3-EVO or later.