A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).
When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.
This issue only affects MX Series devices with Line cards MPC1-MPC9.
This issue affects:
Junos OS on MX Series:
* All versions before 21.4R3-S9,
* from 22.2 before 22.2R3-S5,
* from 22.3 before 22.3R3-S4,
* from 22.4 before 22.4R3-S2,
* from 23.2 before 23.2R2-S1,
* from 23.4 before 23.4R2.
When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.
This issue only affects MX Series devices with Line cards MPC1-MPC9.
This issue affects:
Junos OS on MX Series:
* All versions before 21.4R3-S9,
* from 22.2 before 22.2R3-S5,
* from 22.3 before 22.3R3-S4,
* from 22.4 before 22.4R3-S2,
* from 23.2 before 23.2R2-S1,
* from 23.4 before 23.4R2.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS | unaffected |
|
Configuration 1 [-]
| AND |
|
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Juniper Networks
Subscribe
|
Junos Os
Subscribe
|
Project Subscriptions
| Vendors | Products |
|---|---|
|
Juniper
Subscribe
|
2x100ge \+ 4x10ge Mpc5e
Subscribe
2x100ge \+ 4x10ge Mpc5eq
Subscribe
2x100ge \+ 8x10ge Mpc4e
Subscribe
32x10ge Mpc4e
Subscribe
6x40ge \+ 24x10ge Mpc5e
Subscribe
6x40ge \+ 24x10ge Mpc5eq
Subscribe
Junos
Subscribe
Mpc1
Subscribe
Mpc1 Q
Subscribe
Mpc1e
Subscribe
Mpc1e Q
Subscribe
Mpc2
Subscribe
Mpc2 Eq
Subscribe
Mpc2 Q
Subscribe
Mpc2e
Subscribe
Mpc2e Eq
Subscribe
Mpc2e Ng
Subscribe
Mpc2e Ng Q
Subscribe
Mpc2e P
Subscribe
Mpc2e Q
Subscribe
Mpc3e
Subscribe
Mpc3e-3d-ng
Subscribe
Mpc3e-3d-ng-q
Subscribe
Mpc6e
Subscribe
Mpc7e-10g
Subscribe
Mpc7e-mrate
Subscribe
Mpc8e
Subscribe
Mpc9e
Subscribe
Mx2008
Subscribe
Mx2010
Subscribe
Mx240
Subscribe
Mx480
Subscribe
Mx960
Subscribe
|
|
Juniper Networks
Subscribe
|
Junos Os
Subscribe
|
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-42500 | A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition. This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2-S1, * from 23.4 before 23.4R2. |
Fixes
Solution
The following software releases of Junos OS have been updated to resolve this specific issue: 21.4R3-S9, 22.2R3-S5, 22.3R3-S4, 22.4R3-S2, 23.2R2-S1, 23.4R2, 24.2R1 and all subsequent releases.
Workaround
There are no known workarounds for this issue. Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.
References
| Link | Providers |
|---|---|
| https://supportportal.juniper.net/ |
|
History
Mon, 26 Jan 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Juniper
Juniper 2x100ge \+ 4x10ge Mpc5e Juniper 2x100ge \+ 4x10ge Mpc5eq Juniper 2x100ge \+ 8x10ge Mpc4e Juniper 32x10ge Mpc4e Juniper 6x40ge \+ 24x10ge Mpc5e Juniper 6x40ge \+ 24x10ge Mpc5eq Juniper junos Juniper mpc1 Juniper mpc1 Q Juniper mpc1e Juniper mpc1e Q Juniper mpc2 Juniper mpc2 Eq Juniper mpc2 Q Juniper mpc2e Juniper mpc2e Eq Juniper mpc2e Ng Juniper mpc2e Ng Q Juniper mpc2e P Juniper mpc2e Q Juniper mpc3e Juniper mpc3e-3d-ng Juniper mpc3e-3d-ng-q Juniper mpc6e Juniper mpc7e-10g Juniper mpc7e-mrate Juniper mpc8e Juniper mpc9e Juniper mx2008 Juniper mx2010 Juniper mx240 Juniper mx480 Juniper mx960 |
|
| CPEs | cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:2x100ge_\+_4x10ge_mpc5eq:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:2x100ge_\+_8x10ge_mpc4e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:32x10ge_mpc4e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:6x40ge_\+_24x10ge_mpc5eq:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc1:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc1_q:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc1e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc1e_q:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2_eq:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2_q:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2e_eq:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2e_ng:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2e_ng_q:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2e_p:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc2e_q:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc3e-3d-ng-q:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc3e-3d-ng:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc3e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc6e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc7e-10g:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc7e-mrate:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc8e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mpc9e:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s10:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s11:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s12:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3-s8:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r3-s4:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r3-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r3-s3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:* |
|
| Vendors & Products |
Juniper
Juniper 2x100ge \+ 4x10ge Mpc5e Juniper 2x100ge \+ 4x10ge Mpc5eq Juniper 2x100ge \+ 8x10ge Mpc4e Juniper 32x10ge Mpc4e Juniper 6x40ge \+ 24x10ge Mpc5e Juniper 6x40ge \+ 24x10ge Mpc5eq Juniper junos Juniper mpc1 Juniper mpc1 Q Juniper mpc1e Juniper mpc1e Q Juniper mpc2 Juniper mpc2 Eq Juniper mpc2 Q Juniper mpc2e Juniper mpc2e Eq Juniper mpc2e Ng Juniper mpc2e Ng Q Juniper mpc2e P Juniper mpc2e Q Juniper mpc3e Juniper mpc3e-3d-ng Juniper mpc3e-3d-ng-q Juniper mpc6e Juniper mpc7e-10g Juniper mpc7e-mrate Juniper mpc8e Juniper mpc9e Juniper mx2008 Juniper mx2010 Juniper mx240 Juniper mx480 Juniper mx960 |
Fri, 11 Oct 2024 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 11 Oct 2024 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition. This issue only affects MX Series devices with Line cards MPC1-MPC9. This issue affects: Junos OS on MX Series: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S2, * from 23.2 before 23.2R2-S1, * from 23.4 before 23.4R2. | |
| Title | Junos OS: MX Series: The PFE will crash on running specific command | |
| Weaknesses | CWE-476 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: juniper
Published:
Updated: 2024-10-11T17:42:39.299Z
Reserved: 2024-09-25T15:26:52.609Z
Link: CVE-2024-47496
Vulnrichment
Updated: 2024-10-11T17:42:35.236Z
NVD
Status : Analyzed
Published: 2024-10-11T16:15:10.080
Modified: 2026-01-26T18:19:15.840
Link: CVE-2024-47496
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-07-12T22:23:34Z
Weaknesses