CVE-2024-30394 — Stack-based Buffer Overflow in Networks Junos OS

CWE-121 — Stack-based Buffer Overflow CWE-787 — Out-of-bounds Write4 documents4 sources

Severity

8.7HIGHNVD

EPSS

0.2%

top 51.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Networks Junos OS Evolved Juniper Junos +1 more

Timeline

PublishedApr 12

Description

A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when EVPN is configured, and a specific EVPN type-5 route is received via BGP, rpd crashes and restarts. Continuous receipt of this specific route will lead to a sustained Denial of Service (DoS) condition. This issue…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os_evolved22.1-EVO — 22.1R3-S4-EVO+5

▶NVDjuniper/junos_os_evolved< 21.4+6

▶CVEListV5juniper_networks/junos_os21.4 — 21.4R3-S5+6

▶NVDjuniper/junos< 21.2+7

🔴Vulnerability Details

CVEList

Junos OS and Junos OS Evolved: A specific EVPN type-5 route causes rpd crash↗2024-04-12

▶

GHSA

GHSA-qq59-h2gh-4pfp: A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated,↗2024-04-12

▶

📋Vendor Advisories

Juniper

CVE-2024-30394: A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated,↗2024-04-12

▶