CVE-2024-21611

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 21.4R3 Junos OS versions prior to 22.1R3 Junos OS versions prior to 22.2R3 Junos OS Evolved versions prior to 21.4R3-EVO Junos OS Evolved versions prior to 22.1R3-EVO Junos OS Evolved versions prior to 22.2R3-EVO

Description A Missing Release of Memory after Effective Lifetime issue in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Juniper Flow Monitoring (jflow) scenario, route churn that causes BGP next hops to be updated will cause a slow memory leak and eventually a crash and restart of rpd. The thread level memory utilization for the areas where the leak occurs can be checked using the command: show task memory detail | match so in.

Recommendations For Junos OS versions prior to 21.4R3, update to version 21.4R3 or later. For Junos OS versions prior to 22.1R3, update to version 22.1R3 or later. For Junos OS versions prior to 22.2R3, update to version 22.2R3 or later. For Junos OS Evolved versions prior to 21.4R3-EVO, update to version 21.4R3-EVO or later. For Junos OS Evolved versions prior to 22.1R3-EVO, update to version 22.1R3-EVO or later. For Junos OS Evolved versions prior to 22.2R3-EVO, update to version 22.2R3-EVO or later.