CVE-2024-39557 (GCVE-0-2024-39557)

Vulnerability from cvelistv5 – Published: 2024-07-10 22:39 – Updated: 2024-08-02 04:26
VLAI?
Title
Junos OS Evolved: MAC table changes cause a memory leak
Summary
An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS). Certain MAC table updates cause a small amount of memory to leak.  Once memory utilization reaches its limit, the issue will result in a system crash and restart. To identify the issue, execute the CLI command: user@device> show platform application-info allocations app l2ald-agent EVL Object Allocation Statistics: Node   Application     Context Name                               Live   Allocs   Fails     Guids re0   l2ald-agent               net::juniper::rtnh::L2Rtinfo       1069096 1069302   0         1069302 re0   l2ald-agent               net::juniper::rtnh::NHOpaqueTlv     114     195       0         195 This issue affects Junos OS Evolved: * All versions before 21.4R3-S8-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S3-EVO, * from 22.4-EVO before 22.4R3-EVO, * from 23.2-EVO before 23.2R2-EVO.
Severity ?
6.5 (Medium)
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 (High)
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Juniper Networks Junos OS Evolved Affected: 0 , < 21.4R3-S8-EVO (semver)
Affected: 22.2-EVO , < 22.2R3-S4-EVO (semver)
Affected: 22.3-EVO , < 22.3R3-S3-EVO (semver)
Affected: 22.4-EVO , < 22.4R3-EVO (semver)
Affected: 23.2-EVO , < 23.2R2-EVO (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-39557",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-12T20:01:39.694455Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T20:01:48.481Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:26:15.916Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://supportportal.juniper.net/JSA83017"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.4R3-S8-EVO",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "22.2R3-S4-EVO",
              "status": "affected",
              "version": "22.2-EVO",
              "versionType": "semver"
            },
            {
              "lessThan": "22.3R3-S3-EVO",
              "status": "affected",
              "version": "22.3-EVO",
              "versionType": "semver"
            },
            {
              "lessThan": "22.4R3-EVO",
              "status": "affected",
              "version": "22.4-EVO",
              "versionType": "semver"
            },
            {
              "lessThan": "23.2R2-EVO",
              "status": "affected",
              "version": "23.2-EVO",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2024-07-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An Uncontrolled Resource Consumption vulnerability in the \n\nLayer 2 Address Learning Daemon (l2ald)\n\n of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eCertain MAC table updates cause a small amount of memory to leak.\u0026nbsp; Once memory utilization reaches its limit, the issue will result in a system crash and restart.\u003cbr\u003e\u003cbr\u003eTo identify the issue, execute the CLI command:\u003cbr\u003e \u003cbr\u003e\u003ctt\u003euser@device\u0026gt; show platform application-info allocations app l2ald-agent\u003cbr\u003eEVL Object Allocation Statistics:\u003cbr\u003e \u003cbr\u003e Node  \u0026nbsp; Application  \u0026nbsp; \u0026nbsp;  Context   Name  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  Live  \u0026nbsp;  Allocs  \u0026nbsp;  Fails  \u0026nbsp; \u0026nbsp;  Guids\u003cbr\u003e re0  \u0026nbsp;  l2ald-agent  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  net::juniper::rtnh::L2Rtinfo  \u0026nbsp; \u0026nbsp; \u0026nbsp;  1069096  1069302  \u0026nbsp; 0  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  1069302\u003cbr\u003e re0  \u0026nbsp;  l2ald-agent  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  net::juniper::rtnh::NHOpaqueTlv  \u0026nbsp; \u0026nbsp;  114  \u0026nbsp; \u0026nbsp; 195  \u0026nbsp; \u0026nbsp; \u0026nbsp; 0  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  195\u003c/tt\u003e\u003cbr\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS Evolved: \u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--darkreader-bg--wht);\"\u003eAll versions before 21.4R3-S8-EVO,\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003efrom 22.2-EVO before 22.2R3-S4-EVO, \u003c/li\u003e\u003cli\u003efrom 22.3-EVO\u0026nbsp;before 22.3R3-S3-EVO, \u003c/li\u003e\u003cli\u003efrom 22.4-EVO before 22.4R3-EVO, \u003c/li\u003e\u003cli\u003efrom 23.2-EVO before 23.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e"
            }
          ],
          "value": "An Uncontrolled Resource Consumption vulnerability in the \n\nLayer 2 Address Learning Daemon (l2ald)\n\n of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS).\n\nCertain MAC table updates cause a small amount of memory to leak.\u00a0 Once memory utilization reaches its limit, the issue will result in a system crash and restart.\n\nTo identify the issue, execute the CLI command:\n \nuser@device\u003e show platform application-info allocations app l2ald-agent\nEVL Object Allocation Statistics:\n \n Node  \u00a0 Application  \u00a0 \u00a0  Context   Name  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0  Live  \u00a0  Allocs  \u00a0  Fails  \u00a0 \u00a0  Guids\n re0  \u00a0  l2ald-agent  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0  net::juniper::rtnh::L2Rtinfo  \u00a0 \u00a0 \u00a0  1069096  1069302  \u00a0 0  \u00a0 \u00a0 \u00a0 \u00a0  1069302\n re0  \u00a0  l2ald-agent  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0  net::juniper::rtnh::NHOpaqueTlv  \u00a0 \u00a0  114  \u00a0 \u00a0 195  \u00a0 \u00a0 \u00a0 0  \u00a0 \u00a0 \u00a0 \u00a0  195\n\n\n\nThis issue affects Junos OS Evolved: \n\n\n  *  All versions before 21.4R3-S8-EVO,\n\n  *  from 22.2-EVO before 22.2R3-S4-EVO, \n  *  from 22.3-EVO\u00a0before 22.3R3-S3-EVO, \n  *  from 22.4-EVO before 22.4R3-EVO, \n  *  from 23.2-EVO before 23.2R2-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-10T22:39:48.575Z",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://supportportal.juniper.net/JSA83017"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases."
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA83017",
        "defect": [
          "1756208"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS Evolved: MAC table changes cause a memory leak",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There are no known workarounds for this issue."
            }
          ],
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2024-39557",
    "datePublished": "2024-07-10T22:39:48.575Z",
    "dateReserved": "2024-06-25T15:12:53.247Z",
    "dateUpdated": "2024-08-02T04:26:15.916Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-39557\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-12T20:01:39.694455Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-12T20:01:44.254Z\"}}], \"cna\": {\"title\": \"Junos OS Evolved: MAC table changes cause a memory leak\", \"source\": {\"defect\": [\"1756208\"], \"advisory\": \"JSA83017\", \"discovery\": \"USER\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 7.1, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"LOW\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Juniper Networks\", \"product\": \"Junos OS Evolved\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"21.4R3-S8-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.2-EVO\", \"lessThan\": \"22.2R3-S4-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.3-EVO\", \"lessThan\": \"22.3R3-S3-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"22.4-EVO\", \"lessThan\": \"22.4R3-EVO\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"23.2-EVO\", \"lessThan\": \"23.2R2-EVO\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\", \"base64\": false}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"The following software releases have been updated to resolve this specific issue: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases.\", \"base64\": false}]}], \"datePublic\": \"2024-07-10T16:00:00.000Z\", \"references\": [{\"url\": \"https://supportportal.juniper.net/JSA83017\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There are no known workarounds for this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"There are no known workarounds for this issue.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An Uncontrolled Resource Consumption vulnerability in the \\n\\nLayer 2 Address Learning Daemon (l2ald)\\n\\n of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS).\\n\\nCertain MAC table updates cause a small amount of memory to leak.\\u00a0 Once memory utilization reaches its limit, the issue will result in a system crash and restart.\\n\\nTo identify the issue, execute the CLI command:\\n \\nuser@device\u003e show platform application-info allocations app l2ald-agent\\nEVL Object Allocation Statistics:\\n \\n Node  \\u00a0 Application  \\u00a0 \\u00a0  Context   Name  \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0  Live  \\u00a0  Allocs  \\u00a0  Fails  \\u00a0 \\u00a0  Guids\\n re0  \\u00a0  l2ald-agent  \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0  net::juniper::rtnh::L2Rtinfo  \\u00a0 \\u00a0 \\u00a0  1069096  1069302  \\u00a0 0  \\u00a0 \\u00a0 \\u00a0 \\u00a0  1069302\\n re0  \\u00a0  l2ald-agent  \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0 \\u00a0  net::juniper::rtnh::NHOpaqueTlv  \\u00a0 \\u00a0  114  \\u00a0 \\u00a0 195  \\u00a0 \\u00a0 \\u00a0 0  \\u00a0 \\u00a0 \\u00a0 \\u00a0  195\\n\\n\\n\\nThis issue affects Junos OS Evolved: \\n\\n\\n  *  All versions before 21.4R3-S8-EVO,\\n\\n  *  from 22.2-EVO before 22.2R3-S4-EVO, \\n  *  from 22.3-EVO\\u00a0before 22.3R3-S3-EVO, \\n  *  from 22.4-EVO before 22.4R3-EVO, \\n  *  from 23.2-EVO before 23.2R2-EVO.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An Uncontrolled Resource Consumption vulnerability in the \\n\\nLayer 2 Address Learning Daemon (l2ald)\\n\\n of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS).\u003cbr\u003e\u003cbr\u003eCertain MAC table updates cause a small amount of memory to leak.\u0026nbsp; Once memory utilization reaches its limit, the issue will result in a system crash and restart.\u003cbr\u003e\u003cbr\u003eTo identify the issue, execute the CLI command:\u003cbr\u003e \u003cbr\u003e\u003ctt\u003euser@device\u0026gt; show platform application-info allocations app l2ald-agent\u003cbr\u003eEVL Object Allocation Statistics:\u003cbr\u003e \u003cbr\u003e Node  \u0026nbsp; Application  \u0026nbsp; \u0026nbsp;  Context   Name  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  Live  \u0026nbsp;  Allocs  \u0026nbsp;  Fails  \u0026nbsp; \u0026nbsp;  Guids\u003cbr\u003e re0  \u0026nbsp;  l2ald-agent  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  net::juniper::rtnh::L2Rtinfo  \u0026nbsp; \u0026nbsp; \u0026nbsp;  1069096  1069302  \u0026nbsp; 0  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  1069302\u003cbr\u003e re0  \u0026nbsp;  l2ald-agent  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  net::juniper::rtnh::NHOpaqueTlv  \u0026nbsp; \u0026nbsp;  114  \u0026nbsp; \u0026nbsp; 195  \u0026nbsp; \u0026nbsp; \u0026nbsp; 0  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;  195\u003c/tt\u003e\u003cbr\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003cp\u003eThis issue affects Junos OS Evolved: \u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\\\"background-color: var(--darkreader-bg--wht);\\\"\u003eAll versions before 21.4R3-S8-EVO,\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003efrom 22.2-EVO before 22.2R3-S4-EVO, \u003c/li\u003e\u003cli\u003efrom 22.3-EVO\u0026nbsp;before 22.3R3-S3-EVO, \u003c/li\u003e\u003cli\u003efrom 22.4-EVO before 22.4R3-EVO, \u003c/li\u003e\u003cli\u003efrom 23.2-EVO before 23.2R2-EVO.\u003c/li\u003e\u003c/ul\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"shortName\": \"juniper\", \"dateUpdated\": \"2024-07-10T22:39:48.575Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-39557\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-07-12T20:01:48.481Z\", \"dateReserved\": \"2024-06-25T15:12:53.247Z\", \"assignerOrgId\": \"8cbe9d5a-a066-4c94-8978-4b15efeae968\", \"datePublished\": \"2024-07-10T22:39:48.575Z\", \"assignerShortName\": \"juniper\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.