CVE-2024-21603

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 20.4R3-S9 Junos OS versions 21.2 prior to 21.2R3-S6 Junos OS versions 21.3 prior to 21.3R3-S5 Junos OS versions 21.4 prior to 21.4R3 Junos OS versions 22.1 prior to 22.1R3 Junos OS versions 22.2 prior to 22.2R2 Junos OS versions 22.3 prior to 22.3R2

Description The issue is related to an improper check for unusual or exceptional conditions in the kernel of Juniper Networks Junos OS on MX Series devices. This can be exploited by a remote attacker with low privileges to cause a denial of service. If a scaled configuration for Source class usage (SCU) / destination class usage (DCU) with more than 10 route classes is present and the SCU/DCU statistics are gathered by executing specific SNMP requests or CLI commands, it can lead to a device restart. Continued exploitation of this issue can result in a sustained denial of service.

Recommendations For versions prior to 20.4R3-S9, update to 20.4R3-S9 or later. For versions 21.2 prior to 21.2R3-S6, update to 21.2R3-S6 or later. For versions 21.3 prior to 21.3R3-S5, update to 21.3R3-S5 or later. For versions 21.4 prior to 21.4R3, update to 21.4R3 or later. For versions 22.1 prior to 22.1R3, update to 22.1R3 or later. For versions 22.2 prior to 22.2R2, update to 22.2R2 or later. For versions 22.3 prior to 22.3R2, update to 22.3R2 or later.