PT-2024-2855 · Juniper Networks · Junos+1

Published

2024-04-10

·

Updated

2024-05-16

·

CVE-2024-30394

CVSS v4.0

8.7

High

VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 21.2R3-S7 Junos OS versions from 21.4 before 21.4R3-S5 Junos OS versions from 22.1 before 22.1R3-S4 Junos OS versions from 22.2 before 22.2R3-S2 Junos OS versions from 22.3 before 22.3R3-S1 Junos OS versions from 22.4 before 22.4R3 Junos OS versions from 23.2 before 23.2R2 Junos OS Evolved versions prior to 21.4R3-S5-EVO Junos OS Evolved versions from 22.1-EVO before 22.1R3-S4-EVO Junos OS Evolved versions from 22.2-EVO before 22.2R3-S2-EVO Junos OS Evolved versions from 22.3-EVO before 22.3R3-S1-EVO Junos OS Evolved versions from 22.4-EVO before 22.4R3-EVO Junos OS Evolved versions from 23.2-EVO before 23.2R2-EVO
Description A Stack-based Buffer Overflow issue in the Routing Protocol Daemon (RPD) component allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). When EVPN is configured and a specific EVPN type-5 route is received via BGP, rpd crashes and restarts. Continuous receipt of this specific route will lead to a sustained Denial of Service (DoS) condition.
Recommendations For Junos OS versions prior to 21.2R3-S7, update to version 21.2R3-S7 or later. For Junos OS versions from 21.4 before 21.4R3-S5, update to version 21.4R3-S5 or later. For Junos OS versions from 22.1 before 22.1R3-S4, update to version 22.1R3-S4 or later. For Junos OS versions from 22.2 before 22.2R3-S2, update to version 22.2R3-S2 or later. For Junos OS versions from 22.3 before 22.3R3-S1, update to version 22.3R3-S1 or later. For Junos OS versions from 22.4 before 22.4R3, update to version 22.4R3 or later. For Junos OS versions from 23.2 before 23.2R2, update to version 23.2R2 or later. For Junos OS Evolved versions prior to 21.4R3-S5-EVO, update to version 21.4R3-S5-EVO or later. For Junos OS Evolved versions from 22.1-EVO before 22.1R3-S4-EVO, update to version 22.1R3-S4-EVO or later. For Junos OS Evolved versions from 22.2-EVO before 22.2R3-S2-EVO, update to version 22.2R3-S2-EVO or later. For Junos OS Evolved versions from 22.3-EVO before 22.3R3-S1-EVO, update to version 22.3R3-S1-EVO or later. For Junos OS Evolved versions from 22.4-EVO before 22.4R3-EVO, update to version 22.4R3-EVO or later. For Junos OS Evolved versions from 23.2-EVO before 23.2R2-EVO, update to version 23.2R2-EVO or later.

Fix

DoS

Memory Corruption

Stack Overflow

Weakness Enumeration

CWE-787CWE-121

Related Identifiers

BDU:2024-03003
CVE-2024-30394

Affected Products

Junos
Junos Evolved