CVE-2024-30398
published 2024-04-12CVE-2024-30398: An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS…
high8.7CVSS 4.0
AVNACLATNPRNUINVCNVINVAHSCNSINSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).
When a high amount of specific traffic is received on a SRX4600 device, due to an error in internal packet handling, a consistent rise in CPU memory utilization occurs. This results in packet drops in the traffic and eventually the PFE crashes. A manual reboot of the PFE will be required to restore the device to original state.
This issue affects Junos OS:
* 21.2 before 21.2R3-S7,
* 21.4 before 21.4R3-S6,
* 22.1 before 22.1R3-S5,
* 22.2 before 22.2R3-S3,
* 22.3 before 22.3R3-S2,
* 22.4 before 22.4R3,
* 23.2 before 23.2R1-S2, 23.2R2.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper | srx_series | — | — |
| juniper_networks | junos_os | >= 21.2 < 21.2R3-S7 | 21.2R3-S7 |
| juniper_networks | junos_os | >= 21.4 < 21.4R3-S6 | 21.4R3-S6 |
| juniper_networks | junos_os | >= 22.1 < 22.1R3-S5 | 22.1R3-S5 |
| juniper_networks | junos_os | >= 22.2 < 22.2R3-S3 | 22.2R3-S3 |
| juniper_networks | junos_os | >= 22.3 < 22.3R3-S2 | 22.3R3-S2 |
| juniper_networks | junos_os | >= 22.4 < 22.4R3 | 22.4R3 |
| juniper_networks | junos_os | >= 23.2 < 23.2R1-S2, 23.2R2 | 23.2R1-S2, 23.2R2 |