CVE Vulnerabilities

CVE-2024-30382

Improper Handling of Exceptional Conditions

Published: Apr 12, 2024 | Modified: Feb 06, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial of Service (DoS).

This issue can only be triggered when the system is configured for CoS-based forwarding (CBF) with a policy map containing a cos-next-hop-map action (see below). This issue affects: Junos OS:

  • all versions before 20.4R3-S10,
  • from 21.2 before 21.2R3-S8,
  • from 21.3 before 21.3R3,
  • from 21.4 before 21.4R3,
  • from 22.1 before 22.1R2;

Junos OS Evolved:

  • all versions before 21.2R3-S8-EVO,
  • from 21.3 before 21.3R3-EVO,
  • from 21.4 before 21.4R3-EVO,
  • from 22.1 before 22.1R2-EVO.

Weakness

The product does not handle or incorrectly handles an exceptional condition.

Affected Software

Name Vendor Start Version End Version
Junos Juniper * 20.4 (excluding)
Junos Juniper 20.4 (including) 20.4 (including)
Junos Juniper 20.4-r1 (including) 20.4-r1 (including)
Junos Juniper 20.4-r1-s1 (including) 20.4-r1-s1 (including)
Junos Juniper 20.4-r2 (including) 20.4-r2 (including)
Junos Juniper 20.4-r2-s1 (including) 20.4-r2-s1 (including)
Junos Juniper 20.4-r2-s2 (including) 20.4-r2-s2 (including)
Junos Juniper 20.4-r3 (including) 20.4-r3 (including)
Junos Juniper 20.4-r3-s1 (including) 20.4-r3-s1 (including)
Junos Juniper 20.4-r3-s2 (including) 20.4-r3-s2 (including)
Junos Juniper 20.4-r3-s3 (including) 20.4-r3-s3 (including)
Junos Juniper 20.4-r3-s4 (including) 20.4-r3-s4 (including)
Junos Juniper 20.4-r3-s5 (including) 20.4-r3-s5 (including)
Junos Juniper 20.4-r3-s6 (including) 20.4-r3-s6 (including)
Junos Juniper 20.4-r3-s7 (including) 20.4-r3-s7 (including)
Junos Juniper 20.4-r3-s8 (including) 20.4-r3-s8 (including)
Junos Juniper 20.4-r3-s9 (including) 20.4-r3-s9 (including)
Junos Juniper 21.2 (including) 21.2 (including)
Junos Juniper 21.2-r1 (including) 21.2-r1 (including)
Junos Juniper 21.2-r1-s1 (including) 21.2-r1-s1 (including)
Junos Juniper 21.2-r1-s2 (including) 21.2-r1-s2 (including)
Junos Juniper 21.2-r2 (including) 21.2-r2 (including)
Junos Juniper 21.2-r2-s1 (including) 21.2-r2-s1 (including)
Junos Juniper 21.2-r2-s2 (including) 21.2-r2-s2 (including)
Junos Juniper 21.2-r3 (including) 21.2-r3 (including)
Junos Juniper 21.2-r3-s1 (including) 21.2-r3-s1 (including)
Junos Juniper 21.2-r3-s2 (including) 21.2-r3-s2 (including)
Junos Juniper 21.2-r3-s3 (including) 21.2-r3-s3 (including)
Junos Juniper 21.2-r3-s4 (including) 21.2-r3-s4 (including)
Junos Juniper 21.2-r3-s5 (including) 21.2-r3-s5 (including)
Junos Juniper 21.2-r3-s6 (including) 21.2-r3-s6 (including)
Junos Juniper 21.2-r3-s7 (including) 21.2-r3-s7 (including)
Junos Juniper 21.3 (including) 21.3 (including)
Junos Juniper 21.3-r1 (including) 21.3-r1 (including)
Junos Juniper 21.3-r1-s1 (including) 21.3-r1-s1 (including)
Junos Juniper 21.3-r1-s2 (including) 21.3-r1-s2 (including)
Junos Juniper 21.3-r2 (including) 21.3-r2 (including)
Junos Juniper 21.3-r2-s1 (including) 21.3-r2-s1 (including)
Junos Juniper 21.3-r2-s2 (including) 21.3-r2-s2 (including)
Junos Juniper 21.4 (including) 21.4 (including)
Junos Juniper 21.4-r1 (including) 21.4-r1 (including)
Junos Juniper 21.4-r1-s1 (including) 21.4-r1-s1 (including)
Junos Juniper 21.4-r1-s2 (including) 21.4-r1-s2 (including)
Junos Juniper 21.4-r2 (including) 21.4-r2 (including)
Junos Juniper 21.4-r2-s1 (including) 21.4-r2-s1 (including)
Junos Juniper 21.4-r2-s2 (including) 21.4-r2-s2 (including)
Junos Juniper 22.1 (including) 22.1 (including)
Junos Juniper 22.1-r1 (including) 22.1-r1 (including)
Junos Juniper 22.1-r1-s1 (including) 22.1-r1-s1 (including)
Junos Juniper 22.1-r1-s2 (including) 22.1-r1-s2 (including)
Junos_os_evolved Juniper * 21.2 (excluding)
Junos_os_evolved Juniper 21.2 (including) 21.2 (including)
Junos_os_evolved Juniper 21.2-r1 (including) 21.2-r1 (including)
Junos_os_evolved Juniper 21.2-r1-s1 (including) 21.2-r1-s1 (including)
Junos_os_evolved Juniper 21.2-r1-s2 (including) 21.2-r1-s2 (including)
Junos_os_evolved Juniper 21.2-r2 (including) 21.2-r2 (including)
Junos_os_evolved Juniper 21.2-r2-s1 (including) 21.2-r2-s1 (including)
Junos_os_evolved Juniper 21.2-r2-s2 (including) 21.2-r2-s2 (including)
Junos_os_evolved Juniper 21.2-r3 (including) 21.2-r3 (including)
Junos_os_evolved Juniper 21.2-r3-s1 (including) 21.2-r3-s1 (including)
Junos_os_evolved Juniper 21.2-r3-s2 (including) 21.2-r3-s2 (including)
Junos_os_evolved Juniper 21.2-r3-s3 (including) 21.2-r3-s3 (including)
Junos_os_evolved Juniper 21.2-r3-s4 (including) 21.2-r3-s4 (including)
Junos_os_evolved Juniper 21.2-r3-s5 (including) 21.2-r3-s5 (including)
Junos_os_evolved Juniper 21.2-r3-s6 (including) 21.2-r3-s6 (including)
Junos_os_evolved Juniper 21.2-r3-s7 (including) 21.2-r3-s7 (including)
Junos_os_evolved Juniper 21.3 (including) 21.3 (including)
Junos_os_evolved Juniper 21.3-r1 (including) 21.3-r1 (including)
Junos_os_evolved Juniper 21.3-r1-s1 (including) 21.3-r1-s1 (including)
Junos_os_evolved Juniper 21.3-r2 (including) 21.3-r2 (including)
Junos_os_evolved Juniper 21.3-r2-s1 (including) 21.3-r2-s1 (including)
Junos_os_evolved Juniper 21.3-r2-s2 (including) 21.3-r2-s2 (including)
Junos_os_evolved Juniper 21.4 (including) 21.4 (including)
Junos_os_evolved Juniper 21.4-r1 (including) 21.4-r1 (including)
Junos_os_evolved Juniper 21.4-r1-s1 (including) 21.4-r1-s1 (including)
Junos_os_evolved Juniper 21.4-r1-s2 (including) 21.4-r1-s2 (including)
Junos_os_evolved Juniper 21.4-r2 (including) 21.4-r2 (including)
Junos_os_evolved Juniper 21.4-r2-s1 (including) 21.4-r2-s1 (including)
Junos_os_evolved Juniper 21.4-r2-s2 (including) 21.4-r2-s2 (including)
Junos_os_evolved Juniper 22.1 (including) 22.1 (including)
Junos_os_evolved Juniper 22.1-r1 (including) 22.1-r1 (including)
Junos_os_evolved Juniper 22.1-r1-s1 (including) 22.1-r1-s1 (including)
Junos_os_evolved Juniper 22.1-r1-s2 (including) 22.1-r1-s2 (including)

References