CVE-2024-30398Improper Restriction of Operations within the Bounds of a Memory Buffer in Networks Junos OS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
8.7HIGHNVD
EPSS
0.2%
top 58.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedApr 12

Description

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a high amount of specific traffic is received on a SRX4600 device, due to an error in internal packet handling, a consistent rise in CPU memory utilization occurs. This results in packet drops in the traffic and eventually the PFE crashes. A manual reb

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

CVEListV5juniper_networks/junos_os21.221.2R3-S7+6
NVDjuniper/junos7 versions+6

🔴Vulnerability Details

2
CVEList
Junos OS: SRX4600 Series - A high amount of specific traffic causes packet drops and an eventual PFE crash2024-04-12
GHSA
GHSA-x3m5-7cpw-xq9j: An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Jun2024-04-12

📋Vendor Advisories

1
Juniper
CVE-2024-30398: An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Jun2024-04-12
CVE-2024-30398 — Networks Junos OS vulnerability | cvebase