PT-2024-1111 · Juniper Networks · Junos Evolved

Published 2024-01-10 · Updated 2024-01-19 · CVE-2024-21602

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L versions earlier than 21.4R3-S6-EVO
Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L versions earlier than 22.1R3-S5-EVO
Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L versions earlier than 22.2R2-S1-EVO
Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L versions earlier than 22.3R2-EVO

Description

A NULL Pointer Dereference issue allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS) by sending a specific IPv4 UDP packet to the Routing Engine (RE), causing the packetio to crash and restart, resulting in a momentary traffic interruption. Continued receipt of such packets will lead to a sustained DoS. This issue does not affect IPv6 packets.

Recommendations

For versions earlier than 21.4R3-S6-EVO, update to 21.4R3-S6-EVO or later.
For versions earlier than 22.1R3-S5-EVO, update to 22.1R3-S5-EVO or later.
For versions earlier than 22.2R2-S1-EVO, update to 22.2R2-S1-EVO or later.
For versions earlier than 22.3R2-EVO, update to 22.3R2-EVO or later.

Fix

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2024-00394
CVE-2024-21602

Affected Products

Junos Evolved