ghsa-gc6q-hh4v-5gvq
Vulnerability from github
Published
2024-07-11 00:32
Modified
2024-10-01 21:31
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
Details

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS).

The kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected.

System kernel memory can be monitored through the use of the 'show system statistics kernel memory' command as shown below:

user@router> show system statistics kernel memory Memory               Size (kB) Percentage When   Active                 753092     18.4% Now   Inactive               574300     14.0% Now   Wired                  443236     10.8% Now   Cached                1911204     46.6% Now   Buf                     32768      0.8% Now   Free                   385072      9.4% Now Kernel Memory                             Now   Data                   312908      7.6% Now   Text                     2560      0.1% Now ...

This issue affects: Junos OS:

  • All versions before 20.4R3-S9,
  • from 21.4 before 21.4R3-S5,
  • from 22.1 before 22.1R3-S5,
  • from 22.2 before 22.2R3-S3,
  • from 22.3 before 22.3R3-S2,
  • from 22.4 before 22.4R3,
  • from 23.2 before 23.2R2;

Junos OS Evolved:

  • All versions before 21.4R3-S5-EVO,
  • from 22.1-EVO before 22.1R3-S5-EVO,
  • from 22.2-EVO before 22.2R3-S3-EVO,
  • from 22.3-EVO before 22.3R3-S2-EVO,
  • from 22.4-EVO before 22.4R3-EVO,
  • from 23.2-EVO before 23.2R2-EVO.
Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2024-39560"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-10T23:15:13Z",
    "severity": "HIGH"
  },
  "details": "An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS).\n\nThe kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected.\n\nSystem kernel memory can be monitored through the use of the \u0027show system statistics kernel memory\u0027 command as shown below:\n\nuser@router\u003e show system statistics kernel memory\nMemory  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0  Size (kB)  Percentage  When\n\u00a0 Active  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 753092  \u00a0 \u00a0  18.4%  Now\n\u00a0 Inactive  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 574300  \u00a0 \u00a0  14.0%  Now\n\u00a0 Wired\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 443236  \u00a0 \u00a0  10.8%  Now\n\u00a0 Cached\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 1911204  \u00a0 \u00a0  46.6%  Now\n\u00a0 Buf  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 32768\u00a0 \u00a0 \u00a0 0.8%  Now\n\u00a0 Free  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 385072\u00a0 \u00a0 \u00a0 9.4%  Now\nKernel Memory\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0Now\n\u00a0 Data  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 312908\u00a0 \u00a0 \u00a0 7.6%  Now\n\u00a0 Text  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 2560\u00a0 \u00a0 \u00a0 0.1%  Now\n...\n\nThis issue affects:\nJunos OS:\n\n\n  *  All versions before 20.4R3-S9,\n  *  from 21.4 before 21.4R3-S5,\n  *  from 22.1 before 22.1R3-S5,\n  *  from 22.2 before 22.2R3-S3,\n  *  from 22.3 before 22.3R3-S2,\n  *  from 22.4 before 22.4R3,\n  *  from 23.2 before 23.2R2;\n\n\nJunos OS Evolved:\n\n\n  *  All versions before 21.4R3-S5-EVO,\n  *  from 22.1-EVO before 22.1R3-S5-EVO, \n  *  from 22.2-EVO before 22.2R3-S3-EVO, \n  *  from 22.3-EVO before 22.3R3-S2-EVO, \n  *  from 22.4-EVO before 22.4R3-EVO, \n  *  from 23.2-EVO before 23.2R2-EVO.",
  "id": "GHSA-gc6q-hh4v-5gvq",
  "modified": "2024-10-01T21:31:33Z",
  "published": "2024-07-11T00:32:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39560"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA83020"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.