CVE-2024-21611

{"id": "CVE-2024-21611", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-01-12T01:15:49.263", "references": [{"url": "https://supportportal.juniper.net/JSA75752", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L", "tags": ["Third Party Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-401"}]}, {"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-401"}]}], "descriptions": [{"lang": "en", "value": "\nA Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).\n\nIn a Juniper Flow Monitoring (jflow) scenario route churn that causes BGP next hops to be updated will cause a slow memory leak and eventually a crash and restart of rpd.\n\nThread level memory utilization for the areas where the leak occurs can be checked using the below command:\n\nuser@host> show task memory detail | match so_in\nso_in6 28 32 344450 11022400 344760 11032320\nso_in 8 16 1841629 29466064 1841734 29467744\nThis issue affects:\n\nJunos OS\n\n\n\n * 21.4 versions earlier than 21.4R3;\n * 22.1 versions earlier than 22.1R3;\n * 22.2 versions earlier than 22.2R3.\n\n\n\n\nJunos OS Evolved\n\n\n\n * 21.4-EVO versions earlier than 21.4R3-EVO;\n * 22.1-EVO versions earlier than 22.1R3-EVO;\n * 22.2-EVO versions earlier than 22.2R3-EVO.\n\n\n\n\nThis issue does not affect:\n\nJuniper Networks Junos OS versions earlier than 21.4R1.\n\nJuniper Networks Junos OS Evolved versions earlier than 21.4R1.\n\n\n\n"}, {"lang": "es", "value": "Una vulnerabilidad de liberaci\u00f3n de memoria faltante despu\u00e9s de la vida \u00fatil efectiva en Routing Protocol Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante basado en red no autenticado provoque una denegaci\u00f3n de servicio (DoS). En un escenario de Juniper Flow Monitoring (jflow), la rotaci\u00f3n de rutas que hace que los siguientes saltos de BGP se actualicen provocar\u00e1 una p\u00e9rdida de memoria lenta y, finalmente, un bloqueo y reinicio de rpd. La utilizaci\u00f3n de la memoria a nivel de subproceso para las \u00e1reas donde se produce la fuga se puede verificar usando el siguiente comando: user@host> show task memory detail | match so_in so_in6 28 32 344450 11022400 344760 11032320 so_in 8 16 1841629 29466064 1841734 29467744. Este problema afecta a: Junos OS * 21.4 versiones anteriores a 21.4R3; * Versiones 22.1 anteriores a 22.1R3; * Versiones 22.2 anteriores a 22.2R3. Junos OS Evolved * Versiones 21.4-EVO anteriores a 21.4R3-EVO; * Versiones 22.1-EVO anteriores a 22.1R3-EVO; * Versiones 22.2-EVO anteriores a 22.2R3-EVO. Este problema no afecta a: versiones de Juniper Networks Junos OS anteriores a 21.4R1. Versiones evolucionadas de Juniper Networks Junos OS anteriores a 21.4R1."}], "lastModified": "2024-01-18T20:30:07.573", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3"}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D157211-535E-4B2D-B2FE-F697FAFDF65C"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3"}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C16434C0-21A7-4CE5-92E1-7D60A35EF5D1"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "236E23E5-8B04-4081-9D97-7300DF284000"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FC96EA7-90A7-4838-B95D-60DBC88C7BC7"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97541867-C52F-40BB-9AAE-7E87ED23D789"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85CF6664-E35A-4E9B-95C0-CDC91F7F331A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}