THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-39517

Junos OS and Junos OS Evolved: Upon processing specific L2 traffic, rpd can hang in devices with EVPN/VXLAN configured

Assignerjuniper
Reserved2024-06-25
Published2024-07-10
Updated2024-07-11

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount specific Layer 2 packets are processed by the device, it can cause the Routing Protocol Daemon (rpd) to utilize all CPU resources which causes the device to hang. A manual restart of the rpd is required to restore services. This issue affects both IPv4 and IPv6 implementations. This issue affects Junos OS: All versions earlier than 21.4R3-S7; 22.1 versions earlier than 22.1R3-S5; 22.2 versions earlier than 22.2R3-S3; 22.3 versions earlier than 22.3R3-S3; 22.4 versions earlier than 22.4R3-S2; 23.2 versions earlier than 23.2R2; 23.4 versions earlier than 23.4R1-S1. Junos OS Evolved: All versions earlier than 21.4R3-S7-EVO; 22.1-EVO versions earlier than 22.1R3-S5-EVO; 22.2-EVO versions earlier than 22.2R3-S3-EVO; 22.3-EVO versions earlier than 22.3R3-S3-EVO; 22.4-EVO versions earlier than 22.4R3-S2-EVO; 23.2-EVO versions earlier than 23.2R2-EVO; 23.4-EVO versions earlier than 23.4R1-S1-EVO, 23.4R2-EVO.



MEDIUM: 6.5CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
HIGH: 7.1CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Problem types

CWE-754 Improper Check for Unusual or Exceptional Conditions

Product status

Default status
unaffected

Any version before 21.2R3-S8
affected

21.4 before 21.4R3-S7
affected

22.1 before 22.1R3-S5
affected

22.2 before 22.2R3-S3
affected

22.3 before 22.3R3-S3
affected

22.4 before 22.4R3-S2
affected

23.2 before 23.2R2
affected

23.4 before 23.4R1-S1
affected

Default status
unaffected

Any version before 21.2R3-S8-EVO
affected

21.4-EVO before 21.4R3-S7-EVO
affected

22.1-EVO before 22.1R3-S5-EVO
affected

22.2-EVO before 22.2R3-S3-EVO
affected

22.3-EVO before 22.3R3-S3-EVO
affected

22.4-EVO before 22.4R3-S2-EVO
affected

23.2-EVO before 23.2R2-EVO
affected

23.4-EVO before 23.4R1-S1-EVO, 23.4R2-EVO
affected

References

https://supportportal.juniper.net/JSA79175 vendor-advisory

cve.org CVE-2024-39517

nvd.nist.gov CVE-2024-39517

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-39517
© Copyright 2024 THREATINT. Made in Cyprus with +