U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

Vulnerability Change Records for CVE-2024-39560

Change History

CVE Modified by Juniper Networks, Inc. 7/11/2024 1:15:16 PM

Action Type Old Value New Value
Changed Description 
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS).

The kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected.

System kernel memory can be monitored through the use of the 'show system statistics kernel memory' command as shown below:

user@router> show system statistics kernel memory
Memory                 Size (kB)  Percentage  When
  Active                  753092       18.4%  Now
  Inactive                574300       14.0%  Now
  Wired                  443236       10.8%  Now
  Cached                1911204       46.6%  Now
  Buf                      32768      0.8%  Now
  Free                    385072      9.4%  Now
Kernel Memory                             Now
  Data                    312908      7.6%  Now
  Text                      2560      0.1%  Now
...

This issue affects:
Junos OS:


  *  All versions before 20.4R3-S9,
  *  from 21.4 before 21.4R3-S5,
  *  from 22.1 before 22.1R3-S5,
  *  from 22.2 before 22.2R3-S3,
  *  from 22.3 before 22.3R3-S2,
  *  from 22.4 before 22.4R3,
  *  from 23.2 before 23.2R2;


Junos OS Evolved:


  *  All versions before 21.4R3-S5-EVO,
  *  from 22.1-EVO before 22.1R3-S5-EVO, 
  *  from 22.2-EVO before 22.2R3-S3-EVO, 
  *  from 22.3-EVO before 22.3R3-S2-EVO, 
  *  from 22.4-EVO before 22.4R3-EVO, 
  *  from 23.2-EVO before 23.2R2-EVO.
 
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS).

The kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected.

System kernel memory can be monitored through the use of the 'show system statistics kernel memory' command as shown below:

user@router> show system statistics kernel memory
Memory                 Size (kB)  Percentage  When
  Active                  753092       18.4%  Now
  Inactive                574300       14.0%  Now
  Wired                  443236       10.8%  Now
  Cached                1911204       46.6%  Now
  Buf                      32768      0.8%  Now
  Free                    385072      9.4%  Now
Kernel Memory                             Now
  Data                    312908      7.6%  Now
  Text                      2560      0.1%  Now
...

This issue affects:
Junos OS:


  *  All versions before 20.4R3-S9,
  *  All versions of 21.2,
  *  from 21.4 before 21.4R3-S5,
  *  from 22.1 before 22.1R3-S5,
  *  from 22.2 before 22.2R3-S3,
  *  from 22.3 before 22.3R3-S2,
  *  from 22.4 before 22.4R3,
  *  from 23.2 before 23.2R2;


Junos OS Evolved:


  *  All versions before 21.4R3-S5-EVO,
  *  from 22.1-EVO before 22.1R3-S5-EVO, 
  *  from 22.2-EVO before 22.2R3-S3-EVO, 
  *  from 22.3-EVO before 22.3R3-S2-EVO, 
  *  from 22.4-EVO before 22.4R3-EVO, 
  *  from 23.2-EVO before 23.2R2-EVO.