CVE-2004-0468 — Missing Release of Memory after Effective Lifetime in Juniper Junos OS

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 25.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Junos OS

Timeline

PublishedDec 6

Latest updateApr 29

Description

Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶juniperjuniper/junos_os

Patches

Patch: www.jpcert.or.jp ↗Patch: www.kb.cert.org ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-xxmm-cxv2-23w9: Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot)↗2022-04-29

▶

📋Vendor Advisories

Juniper

CVE-2004-0468: Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot)↗2004-12-06

▶