fkie_cve-2024-39560
Vulnerability from fkie_nvd
Published
2024-07-10 23:15
Modified
2024-11-21 09:28
Severity ?
Summary
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS).
The kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected.
System kernel memory can be monitored through the use of the 'show system kernel memory' command as shown below:
user@router> show system kernel memory
Real memory total/reserved: 4130268/ 133344 Kbytes
kmem map free: 18014398509110220 Kbytes
This issue affects:
Junos OS:
* All versions before 20.4R3-S9,
* All versions of 21.2,
* from 21.4 before 21.4R3-S5,
* from 22.1 before 22.1R3-S5,
* from 22.2 before 22.2R3-S3,
* from 22.3 before 22.3R3-S2,
* from 22.4 before 22.4R3,
* from 23.2 before 23.2R2;
Junos OS Evolved:
* All versions before 21.4R3-S5-EVO,
* from 22.1-EVO before 22.1R3-S5-EVO,
* from 22.2-EVO before 22.2R3-S3-EVO,
* from 22.3-EVO before 22.3R3-S2-EVO,
* from 22.4-EVO before 22.4R3-EVO,
* from 23.2-EVO before 23.2R2-EVO.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS).\n\nThe kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected.\n\nSystem kernel memory can be monitored through the use of the \u0027show system kernel memory\u0027 command as shown below:\n\nuser@router\u003e show system kernel memory \u00a0 \nReal memory total/reserved: 4130268/ 133344 Kbytes\nkmem map free: 18014398509110220 Kbytes\n\nThis issue affects:\nJunos OS:\n\n\n * All versions before 20.4R3-S9,\n * All versions of 21.2,\n * from 21.4 before 21.4R3-S5,\n * from 22.1 before 22.1R3-S5,\n * from 22.2 before 22.2R3-S3,\n * from 22.3 before 22.3R3-S2,\n * from 22.4 before 22.4R3,\n * from 23.2 before 23.2R2;\n\n\nJunos OS Evolved:\n\n\n * All versions before 21.4R3-S5-EVO,\n * from 22.1-EVO before 22.1R3-S5-EVO, \n * from 22.2-EVO before 22.2R3-S3-EVO, \n * from 22.3-EVO before 22.3R3-S2-EVO, \n * from 22.4-EVO before 22.4R3-EVO, \n * from 23.2-EVO before 23.2R2-EVO."
},
{
"lang": "es",
"value": "Una vulnerabilidad de manejo inadecuado de condiciones excepcionales en el daemon del protocolo de enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un vecino RSVP descendente l\u00f3gicamente adyacente provoque el agotamiento de la memoria del kernel, lo que provoca un fallo del kernel, lo que resulta en una denegaci\u00f3n de servicio ( DoS). La p\u00e9rdida de memoria del kernel y su eventual fallo se ver\u00e1n cuando el vecino RSVP descendente tenga un error persistente que no se corregir\u00e1. La memoria del kernel del sistema se puede monitorear mediante el uso del comando \u0027mostrar la memoria del kernel de estad\u00edsticas del sistema\u0027 como se muestra a continuaci\u00f3n: usuario@router\u0026gt; mostrar la memoria del kernel de estad\u00edsticas del sistema Tama\u00f1o de la memoria (kB) Porcentaje cuando est\u00e1 activo 753092 18,4 % ahora inactivo 574300 14,0 % ahora cableado 443236 10,8% Ahora en cach\u00e9 1911204 46,6% Ahora Buf 32768 0,8% Ahora gratis 385072 9,4% Ahora Memoria del kernel Ahora Datos 312908 7,6% Ahora Texto 2560 0,1% Ahora... Este problema afecta a: Junos OS: * Todas las versiones anteriores a 20.4R3-S9 , * desde 21.4 antes de 21.4R3-S5, * desde 22.1 antes de 22.1R3-S5, * desde 22.2 antes de 22.2R3-S3, * desde 22.3 antes de 22.3R3-S2, * desde 22.4 antes de 22.4R3, * desde 23.2 antes de 23.2R2 ; Junos OS Evolved: * Todas las versiones anteriores a 21.4R3-S5-EVO, * desde 22.1-EVO antes de 22.1R3-S5-EVO, * desde 22.2-EVO antes de 22.2R3-S3-EVO, * desde 22.3-EVO antes de 22.3R3- S2-EVO, * de 22.4-EVO antes de 22.4R3-EVO, * de 23.2-EVO antes de 23.2R2-EVO."
}
],
"id": "CVE-2024-39560",
"lastModified": "2024-11-21T09:28:00.970",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "sirt@juniper.net",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:A/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
},
"published": "2024-07-10T23:15:13.140",
"references": [
{
"source": "sirt@juniper.net",
"url": "https://supportportal.juniper.net/JSA83020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://supportportal.juniper.net/JSA83020"
}
],
"sourceIdentifier": "sirt@juniper.net",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "sirt@juniper.net",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…