An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS).
This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below).
This issue affects:
Junos OS:
* all versions before 20.4R3-S10,
* from 21.2 before 21.2R3-S8,
* from 21.3 before 21.3R3,
* from 21.4 before 21.4R3,
* from 22.1 before 22.1R2;
Junos OS Evolved:
* all versions before 21.2R3-S8-EVO,
* from 21.3 before 21.3R3-EVO,
* from 21.4 before 21.4R3-EVO,
* from 22.1 before 22.1R2-EVO.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: juniper
Published: 2024-04-12T15:22:03.210Z
Updated: 2024-08-02T01:32:07.236Z
Reserved: 2024-03-26T23:06:12.474Z
Link: CVE-2024-30382
Vulnrichment
Updated: 2024-08-02T01:32:07.236Z
NVD
Status : Awaiting Analysis
Published: 2024-04-12T16:15:37.207
Modified: 2024-05-16T18:15:10.020
Link: CVE-2024-30382
Redhat
No data.