DoS via Improper Validation in Juniper Junos OS PFE (pre-22.2R3-S2)
CVE-2024-39542 Published on July 11, 2024
Junos OS and Junos OS Evolved: A malformed CFM packet or specific transit traffic leads to FPC crash
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denial-of-Service (DoS).
This issue can occur in two scenarios:
1. If a device, which is configured with SFLOW and ECMP, receives specific valid transit traffic, which is subject to sampling, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. (This scenario is only applicable to PTX but not to ACX or MX.)
2. If a device receives a malformed CFM packet on an interface configured with CFM, the packetio process crashes, which in turn leads to an evo-aftman crash and causes the FPC to stop working until it is restarted. Please note that the CVSS score is for the formally more severe issue 1.
The CVSS score for scenario 2. is: 6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
This issue affects Junos OS:
* All versions before 21.2R3-S4,
* 21.4 versions before 21.4R2,
* 22.2 versions before 22.2R3-S2;
Junos OS Evolved:
* All versions before 21.2R3-S8-EVO,
* 21.4 versions before 21.4R2-EVO.
Vulnerability Analysis
CVE-2024-39542 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Improper Validation of Syntactic Correctness of Input
The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.
Products Associated with CVE-2024-39542
stack.watch emails you whenever new vulnerabilities are published in Juniper Networks Junos Os Evolved or Juniper Networks Junos. Just hit a watch button to start following.
Affected Versions
Juniper Networks Junos OS:- Before 21.2R3-S4 is affected.
- Version 21.4 and below 21.4R2 is affected.
- Version 22.2 and below 22.2R2-S1, 22.2R3 is affected.
- Before 21.2R3-S8-EVO is affected.
- Version 21.4 and below 21.4R2-EVO is affected.
- Before 21.2r3-s4 is affected.
- Version 21.4 and below 21.4r2 is affected.
- Version 22.2 and below 22.2r2-s1 is affected.
- Version 22.2 and below 22.2r3 is affected.
- Before 21.2r3-s8-evo is affected.
- Version 21.4 and below 21.4r2-evo is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.