PT-2024-4870 · Juniper Networks · Junos

Published: 2024-04-10 · Updated: 2024-05-16 · CVE-2024-30378

CVSS v4.0: 6.9 (Medium)

Vector: AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions:
- Junos OS versions prior to 20.4R3-S5
- Junos OS versions from 21.1 before 21.1R3-S4
- Junos OS versions from 21.2 before 21.2R3-S3
- Junos OS versions from 21.3 before 21.3R3-S5
- Junos OS versions from 21.4 before 21.4R3-S5
- Junos OS versions from 22.1 before 22.1R3
- Junos OS versions from 22.2 before 22.2R3
- Junos OS versions from 22.3 before 22.3R2
Description: A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband edge service manager daemon (bbe-smgd) to crash upon execution of specific CLI commands, creating a Denial of Service (DoS) condition. The process crashes and restarts automatically. This issue only occurs if Graceful Routing Engine Switchover (GRES) and Subscriber Management are enabled. When specific CLI commands are executed, the bbe-smgd daemon attempts to write into an area of memory (mgd socket) that was already closed, causing the process to crash.
Recommendations:
- For Junos OS versions prior to 20.4R3-S5, update to version 20.4R3-S5 or later.
- For Junos OS versions from 21.1 before 21.1R3-S4, update to version 21.1R3-S4 or later.
- For Junos OS versions from 21.2 before 21.2R3-S3, update to version 21.2R3-S3 or later.
- For Junos OS versions from 21.3 before 21.3R3-S5, update to version 21.3R3-S5 or later.
- For Junos OS versions from 21.4 before 21.4R3-S5, update to version 21.4R3-S5 or later.
- For Junos OS versions from 22.1 before 22.1R3, update to version 22.1R3 or later.
- For Junos OS versions from 22.2 before 22.2R3, update to version 22.2R3 or later.
- For Junos OS versions from 22.3 before 22.3R2, update to version 22.3R2 or later.
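The affected ranges and fixed releases above, turned into a version check an operator can run against an inventory. This is an added example, not code from Juniper or from the advisory; it assumes only the release forms major.minor, major.minorRn and major.minorRn-Sn, and the GRES / Subscriber Management precondition is supplied by the caller because the version string cannot tell.

```python
import re
from typing import Optional, Tuple

# Affected ranges copied from the advisory: (branch lower bound, first fixed release).
# A None lower bound means "every version prior to the fixed release".
AFFECTED_RANGES = [
    (None,   "20.4R3-S5"),
    ("21.1", "21.1R3-S4"),
    ("21.2", "21.2R3-S3"),
    ("21.3", "21.3R3-S5"),
    ("21.4", "21.4R3-S5"),
    ("22.1", "22.1R3"),
    ("22.2", "22.2R3"),
    ("22.3", "22.3R2"),
]

# Assumption (ours): only major.minor, major.minorRn and major.minorRn-Sn occur;
# any other form is rejected rather than silently mis-compared.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:R(\d+)(?:-S(\d+))?)?$")


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Turn '21.4R3-S5' into (21, 4, 3, 5) so that tuples compare in release order."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {text!r}")
    major, minor, release, service = m.groups()
    return (int(major), int(minor), int(release or 0), int(service or 0))


def first_fixed_release(version: str) -> Optional[str]:
    """Return the release to upgrade to, or None if the version is outside every affected range."""
    v = parse_version(version)
    for lower, fixed in AFFECTED_RANGES:
        in_branch = lower is None or v >= parse_version(lower)
        if in_branch and v < parse_version(fixed):
            return fixed
    return None


def is_exposed(version: str, gres_enabled: bool, subscriber_mgmt_enabled: bool) -> bool:
    """The advisory says the crash needs both GRES and Subscriber Management enabled;
    a vulnerable release without that configuration should still be patched but is not exposed."""
    return first_fixed_release(version) is not None and gres_enabled and subscriber_mgmt_enabled


if __name__ == "__main__":
    for sample in ("20.4R3-S4", "21.4R3-S5", "22.3R1", "22.4R1"):  # constructed samples
        print(f"{sample}: {first_fixed_release(sample) or 'not affected'}")
```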

Fix

DoS

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2024-05394
CVE-2024-30378

Affected Products

Junos