PT-2024-9570 · Juniper Networks · Junos Evolved

Published: 2024-07-10 · Updated: 2024-07-11 · CVE-2024-39548

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Name of the Vulnerable Software and Affected Versions

Junos OS Evolved versions prior to 21.2R3-S8-EVO
Junos OS Evolved versions 21.3 prior to 21.3R3-S5-EVO
Junos OS Evolved versions 21.4 prior to 21.4R3-S5-EVO
Junos OS Evolved versions 22.1 prior to 22.1R3-S4-EVO
Junos OS Evolved versions 22.2 prior to 22.2R3-S4-EVO
Junos OS Evolved versions 22.3 prior to 22.3R3-S3-EVO
Junos OS Evolved versions 22.4 prior to 22.4R2-S2-EVO, 22.4R3-EVO
Junos OS Evolved versions 23.2 prior to 23.2R1-S1-EVO, 23.2R2-EVO

Description

An Uncontrolled Resource Consumption issue in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service (DoS) condition. The processes do not recover on their own and must be manually restarted. This issue affects both IPv4 and IPv6. Changes in memory usage can be monitored using the CLI command:

show system memory node <fpc slot> | grep evo-aftmann

Recommendations

For Junos OS Evolved versions prior to 21.2R3-S8-EVO, update to version 21.2R3-S8-EVO or later.
For Junos OS Evolved versions 21.3 prior to 21.3R3-S5-EVO, update to version 21.3R3-S5-EVO or later.
For Junos OS Evolved versions 21.4 prior to 21.4R3-S5-EVO, update to version 21.4R3-S5-EVO or later.
For Junos OS Evolved versions 22.1 prior to 22.1R3-S4-EVO, update to version 22.1R3-S4-EVO or later.
For Junos OS Evolved versions 22.2 prior to 22.2R3-S4-EVO, update to version 22.2R3-S4-EVO or later.
For Junos OS Evolved versions 22.3 prior to 22.3R3-S3-EVO, update to version 22.3R3-S3-EVO or later.
For Junos OS Evolved versions 22.4 prior to 22.4R2-S2-EVO, 22.4R3-EVO, update to version 22.4R2-S2-EVO or 22.4R3-EVO or later.
For Junos OS Evolved versions 23.2 prior to 23.2R1-S1-EVO, 23.2R2-EVO, update to version 23.2R1-S1-EVO or 23.2R2-EVO or later.

As a temporary workaround, consider monitoring memory usage using the CLI command show system memory node <fpc slot> | grep evo-aftmann to detect potential issues.
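
The affected-version list above can be turned into an inventory check. The following is an added example, not code from this advisory or from Juniper. It assumes version strings of the form 22.4R2-S1-EVO (optionally with a build suffix such as 22.4R2-S1.6-EVO) and treats release trains the page does not list, such as 23.4, as not affected.

```python
import re

# Fixed releases per train, copied from the version list on this page.
FIXED = {
    "21.2": ["21.2R3-S8-EVO"],
    "21.3": ["21.3R3-S5-EVO"],
    "21.4": ["21.4R3-S5-EVO"],
    "22.1": ["22.1R3-S4-EVO"],
    "22.2": ["22.2R3-S4-EVO"],
    "22.3": ["22.3R3-S3-EVO"],
    "22.4": ["22.4R2-S2-EVO", "22.4R3-EVO"],
    "23.2": ["23.2R1-S1-EVO", "23.2R2-EVO"],
}

# Assumed string layout: <major>.<minor>R<n>[-S<n>][.<build>]-EVO
_VER = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?-EVO$")


def parse(version):
    """Return (major, minor, R, S); S is 0 for a plain Rn release."""
    m = _VER.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos OS Evolved version: {version!r}")
    major, minor, r, s = (int(g) if g else 0 for g in m.groups())
    return major, minor, r, s


def is_affected(version):
    """True if the version falls in a range this page lists as affected."""
    major, minor, r, s = parse(version)
    if (major, minor) < (21, 2):
        return True   # "prior to 21.2R3-S8-EVO" covers all older trains
    fixes = FIXED.get(f"{major}.{minor}")
    if fixes is None:
        return False  # train is not listed as affected on this page
    fixed_points = [parse(f)[2:] for f in fixes]
    if r > max(fr for fr, _ in fixed_points):
        return False  # newer R release than any listed fix
    # Within a listed R release, fixed from its listed service release on.
    return not any(r == fr and s >= fs for fr, fs in fixed_points)


if __name__ == "__main__":
    # Constructed sample inventory.
    for v in ["21.2R3-S7-EVO", "22.4R2-S1.6-EVO", "22.4R3-EVO", "23.2R1-EVO"]:
        print(v, "AFFECTED" if is_affected(v) else "ok")
```
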

Fix

Resource Exhaustion

Weakness Enumeration

Related Identifiers

BDU:2024-11277
CVE-2024-39548

Affected Products

Junos Evolved