Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.JUNIPER_JSA75754.NASLHistoryApr 18, 2024 - 12:00 a.m.
Juniper Junos OS Vulnerability (JSA75754)
2024-04-1800:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
juniper networks
junos os
vulnerability
rpd
denial of service
memory leak
ospf
isis
security advisory
cve-2024-21613
nessus scanner
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75754 advisory.
- A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when traffic engineering is enabled for OSPF or ISIS, and a link flaps, a patroot memory leak is observed. This memory leak, over time, will lead to an rpd crash and restart. The memory usage can be monitored using the below command. user@host> show task memory detail | match patroot This issue affects: Juniper Networks Junos OS * All versions earlier than 21.2R3-S3; * 21.3 versions earlier than 21.3R3-S5; * 21.4 versions earlier than 21.4R3-S3; * 22.1 versions earlier than 22.1R3; * 22.2 versions earlier than 22.2R3. Juniper Networks Junos OS Evolved * All versions earlier than 21.3R3-S5-EVO; * 21.4 versions earlier than 21.4R3-EVO; * 22.1 versions earlier than 22.1R3-EVO; * 22.2 versions earlier than 22.2R3-EVO.
(CVE-2024-21613)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(193490);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/18");
script_cve_id("CVE-2024-21613");
script_xref(name:"JSA", value:"JSA75754");
script_name(english:"Juniper Junos OS Vulnerability (JSA75754)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75754
advisory.
- A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon (RPD) of
Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause an
rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when
traffic engineering is enabled for OSPF or ISIS, and a link flaps, a patroot memory leak is observed. This
memory leak, over time, will lead to an rpd crash and restart. The memory usage can be monitored using the
below command. user@host> show task memory detail | match patroot This issue affects: Juniper Networks
Junos OS * All versions earlier than 21.2R3-S3; * 21.3 versions earlier than 21.3R3-S5; * 21.4 versions
earlier than 21.4R3-S3; * 22.1 versions earlier than 22.1R3; * 22.2 versions earlier than 22.2R3. Juniper
Networks Junos OS Evolved * All versions earlier than 21.3R3-S5-EVO; * 21.4 versions earlier than
21.4R3-EVO; * 22.1 versions earlier than 22.1R3-EVO; * 22.2 versions earlier than 22.2R3-EVO.
(CVE-2024-21613)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-A-link-flap-causes-patroot-memory-leak-which-leads-to-rpd-crash-CVE-2024-21613
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2d597e58");
script_set_attribute(attribute:"solution", value:
"Apply the relevant Junos software release referenced in Juniper advisory JSA75754");
script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-21613");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/10");
script_set_attribute(attribute:"patch_publication_date", value:"2024/01/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/18");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:juniper:junos");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Junos Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("junos_version.nasl");
script_require_keys("Host/Juniper/JUNOS/Version");
exit(0);
}
include('junos.inc');
var ver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');
var vuln_ranges = [
{'min_ver':'0.0', 'fixed_ver':'21.2R3-S3'},
{'min_ver':'0.0', 'fixed_ver':'21.3R3-S5-EVO'},
{'min_ver':'21.3', 'fixed_ver':'21.3R3-S5'},
{'min_ver':'21.4', 'fixed_ver':'21.4R3-S3'},
{'min_ver':'21.4', 'fixed_ver':'21.4R3-EVO'},
{'min_ver':'22.1', 'fixed_ver':'22.1R3'},
{'min_ver':'22.1', 'fixed_ver':'22.1R3-EVO'},
{'min_ver':'22.2', 'fixed_ver':'22.2R3'},
{'min_ver':'22.2', 'fixed_ver':'22.2R3-EVO'}
];
var fix = junos_compare_range(target_version:ver, vuln_ranges:vuln_ranges);
if (empty_or_null(fix)) audit(AUDIT_INST_VER_NOT_VULN, 'Junos OS', ver);
var report = get_report(ver:ver, fix:fix);
security_report_v4(severity:SECURITY_WARNING, port:0, extra:report);
Related
cve
cve
CVE-2024-21613
2024-01-12 01:15:49
nvd
nvd
CVE-2024-21613
2024-01-12 01:15:49
prion
prion
Memory corruption
2024-01-12 01:15:00
cvelist
cvelist