CVE-2024-39557 — Uncontrolled Resource Consumption in Networks Junos OS Evolved

CWE-400 — Uncontrolled Resource Consumption4 documents4 sources

Severity

7.1HIGHNVD

EPSS

0.2%

top 61.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Evolved Juniper Junos OS Evolved

Timeline

PublishedJul 10

Latest updateJul 11

Description

An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS). Certain MAC table updates cause a small amount of memory to leak. Once memory utilization reaches its limit, the issue will result in a system crash and restart. To identify the issue, execute the…

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os_evolved22.2-EVO — 22.2R3-S4-EVO+4

▶NVDjuniper/junos_os_evolved< 21.4+5

🔴Vulnerability Details

GHSA

GHSA-g26w-g327-7xm5: An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an una↗2024-07-11

▶

CVEList

Junos OS Evolved: MAC table changes cause a memory leak↗2024-07-10

▶

📋Vendor Advisories

Juniper

CVE-2024-39557: An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an u↗2024-07-10

▶