An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbor to cause kernel memory exhaustion, leading to a kernel crash, resulting in a Denial of Service (DoS).
The kernel memory leak and eventual crash will be seen when the downstream RSVP neighbor has a persistent error which will not be corrected.
System kernel memory can be monitored through the use of the 'show system statistics kernel memory' command as shown below:
user@router> show system statistics kernel memory
Memory Size (kB) Percentage When
Active 753092 18.4% Now
Inactive 574300 14.0% Now
Wired 443236 10.8% Now
Cached 1911204 46.6% Now
Buf 32768 0.8% Now
Free 385072 9.4% Now
Kernel Memory Now
Data 312908 7.6% Now
Text 2560 0.1% Now
...
This issue affects:
Junos OS:
* All versions before 20.4R3-S9,
* All versions of 21.2,
* from 21.4 before 21.4R3-S5,
* from 22.1 before 22.1R3-S5,
* from 22.2 before 22.2R3-S3,
* from 22.3 before 22.3R3-S2,
* from 22.4 before 22.4R3,
* from 23.2 before 23.2R2;
Junos OS Evolved:
* All versions before 21.4R3-S5-EVO,
* from 22.1-EVO before 22.1R3-S5-EVO,
* from 22.2-EVO before 22.2R3-S3-EVO,
* from 22.3-EVO before 22.3R3-S2-EVO,
* from 22.4-EVO before 22.4R3-EVO,
* from 23.2-EVO before 23.2R2-EVO.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://supportportal.juniper.net/JSA83020 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: juniper
Published: 2024-07-10T22:44:55.736Z
Updated: 2024-08-02T04:26:15.909Z
Reserved: 2024-06-25T15:12:53.247Z
Link: CVE-2024-39560
Vulnrichment
Updated: 2024-07-11T15:02:05.604Z
NVD
Status : Awaiting Analysis
Published: 2024-07-10T23:15:13.140
Modified: 2024-07-11T17:15:16.867
Link: CVE-2024-39560
Redhat
No data.