Lucene search

[email protected]NVD:CVE-2024-21599

HistoryJan 12, 2024 - 1:15 a.m.

CVE-2024-21599

2024-01-1201:15:47

CWE-401

[email protected]

web.nvd.nist.gov

cve-2024-21599

memory vulnerability

juniper networks junos os

mx series

dos

pfe

mpc3e

packet forwarding engine

denial of service

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

18.2%

JSON

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).

If an MX Series device receives PTP packets on an MPC3E that doesn’t support PTP this causes a memory leak which will result in unpredictable behavior and ultimately in an MPC crash and restart.

To monitor for this issue, please use the following FPC vty level commands:

show heap
shows an increase in “LAN buffer” utilization and

show clksync ptp nbr-upd-info
shows non-zero “Pending PFEs” counter.

This issue affects Juniper Networks Junos OS on MX Series with MPC3E:

All versions earlier than 20.4R3-S3;
21.1 versions earlier than 21.1R3-S4;
21.2 versions earlier than 21.2R3;
21.3 versions earlier than 21.3R2-S1, 21.3R3;
21.4 versions earlier than 21.4R2;
22.1 versions earlier than 22.1R2.

Affected configurations

NVD

Node

juniperjunosMatch20.4-

juniperjunosMatch20.4r1

juniperjunosMatch20.4r1-s1

juniperjunosMatch20.4r2

juniperjunosMatch20.4r2-s1

juniperjunosMatch20.4r2-s2

juniperjunosMatch20.4r3

juniperjunosMatch20.4r3-s1

juniperjunosMatch20.4r3-s2

Node

juniperjunosMatch21.1-

juniperjunosMatch21.1r1

juniperjunosMatch21.1r1-s1

juniperjunosMatch21.1r2

juniperjunosMatch21.1r2-s1

juniperjunosMatch21.1r2-s2

juniperjunosMatch21.1r3

juniperjunosMatch21.1r3-s1

juniperjunosMatch21.1r3-s2

juniperjunosMatch21.1r3-s3

Node

juniperjunosMatch21.2-

juniperjunosMatch21.2r1

juniperjunosMatch21.2r1-s1

juniperjunosMatch21.2r1-s2

juniperjunosMatch21.2r2

juniperjunosMatch21.2r2-s1

juniperjunosMatch21.2r2-s2

Node

juniperjunosMatch21.3-

juniperjunosMatch21.3r1

juniperjunosMatch21.3r1-s1

juniperjunosMatch21.3r1-s2

juniperjunosMatch21.3r2

Node

juniperjunosMatch21.4-

juniperjunosMatch21.4r1

juniperjunosMatch21.4r1-s1

juniperjunosMatch21.4r1-s2

Node

juniperjunosMatch22.1-

juniperjunosMatch22.1r1

juniperjunosMatch22.1r1-s1

juniperjunosMatch22.1r1-s2

References

supportportal.juniper.net/JSA75740

www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.0005 Low

EPSS

Percentile

18.2%

JSON

Related for NVD:CVE-2024-21599

cve1 cvelist1 prion1