CVE-2024-21598

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).

If a BGP update is received over an established BGP session which contains a tunnel encapsulation attribute with a specifically malformed TLV, rpd will crash and restart.

This issue affects Juniper Networks Junos OS:

20.4 versions 20.4R1 and later versions earlier than 20.4R3-S9;
21.2 versions earlier than 21.2R3-S7;
21.3 versions earlier than 21.3R3-S5;
21.4 versions earlier than 21.4R3-S5;
22.1 versions earlier than 22.1R3-S4;
22.2 versions earlier than 22.2R3-S3;
22.3 versions earlier than 22.3R3-S1;
22.4 versions earlier than 22.4R3;
23.2 versions earlier than 23.2R1-S2, 23.2R2;

Junos OS Evolved:

20.4-EVO versions 20.4R1-EVO and later versions earlier than 20.4R3-S9-EVO;
21.2-EVO versions earlier than 21.2R3-S7-EVO;
21.3-EVO versions earlier than 21.3R3-S5-EVO;
21.4-EVO versions earlier than 21.4R3-S5-EVO;
22.1-EVO versions earlier than 22.1R3-S4-EVO;
22.2-EVO versions earlier than 22.2R3-S3-EVO;
22.3-EVO versions earlier than 22.3R3-S1-EVO;
22.4-EVO versions earlier than 22.4R3-EVO;
23.2-EVO versions earlier than 23.2R1-S2-EVO, 23.2R2-EVO;

This issue does not affect Juniper Networks

Junos OS versions earlier than 20.4R1;
Junos OS Evolved versions earlier than 20.4R1-EVO.

This is a related but separate issue than the one described in JSA79095.

Published: Apr 12, 2024
Updated: May 17, 2024
CVE: CVE-2024-21598
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
juniper / junos	20.4-r1	20.4-r1.x
juniper / junos	20.4-r1-s1	20.4-r1-s1.x
juniper / junos	20.4-r2	20.4-r2.x
juniper / junos	21.2-r1	21.2-r1.x
juniper / junos	20.4-r2-s1	20.4-r2-s1.x
juniper / junos	21.2-r1-s1	21.2-r1-s1.x
juniper / junos	20.4-r2-s2	20.4-r2-s2.x
juniper / junos	20.4-r3	20.4-r3.x
juniper / junos	20.4-r3-s1	20.4-r3-s1.x
juniper / junos	21.2	21.2.x
juniper / junos	21.2-r1-s2	21.2-r1-s2.x
juniper / junos	21.2-r2	21.2-r2.x
juniper / junos	21.2-r2-s1	21.2-r2-s1.x
juniper / junos	21.2-r2-s2	21.2-r2-s2.x
juniper / junos	21.3-r1	21.3-r1.x
juniper / junos	21.3-r1-s1	21.3-r1-s1.x
juniper / junos	21.3-r2	21.3-r2.x
juniper / junos	21.4-r1-s1	21.4-r1-s1.x
juniper / junos	20.4-r3-s2	20.4-r3-s2.x
juniper / junos	20.4-r3-s3	20.4-r3-s3.x
juniper / junos	20.4-r3-s4	20.4-r3-s4.x
juniper / junos	21.2-r3	21.2-r3.x
juniper / junos	21.3	21.3.x
juniper / junos	21.3-r1-s2	21.3-r1-s2.x
juniper / junos	21.3-r2-s1	21.3-r2-s1.x
juniper / junos	21.3-r2-s2	21.3-r2-s2.x
juniper / junos	21.3-r3	21.3-r3.x
juniper / junos	21.3-r3-s1	21.3-r3-s1.x
juniper / junos	21.4	21.4.x
juniper / junos	21.4-r1	21.4-r1.x
juniper / junos	21.4-r1-s2	21.4-r1-s2.x
juniper / junos	21.4-r2	21.4-r2.x
juniper / junos	21.4-r2-s1	21.4-r2-s1.x
juniper / junos	21.4-r2-s2	21.4-r2-s2.x
juniper / junos	21.4-r3	21.4-r3.x
juniper / junos	22.1-r1	22.1-r1.x
juniper / junos	22.1-r1-s1	22.1-r1-s1.x
juniper / junos	22.1-r1-s2	22.1-r1-s2.x
juniper / junos	22.1-r2	22.1-r2.x
juniper / junos	22.1-r2-s2	22.1-r2-s2.x
juniper / junos	22.2-r1	22.2-r1.x
juniper / junos	22.2-r1-s1	22.2-r1-s1.x
juniper / junos	20.4-r3-s5	20.4-r3-s5.x
juniper / junos	20.4-r3-s6	20.4-r3-s6.x
juniper / junos	20.4-r3-s7	20.4-r3-s7.x
juniper / junos	20.4-r3-s8	20.4-r3-s8.x
juniper / junos	21.2-r3-s1	21.2-r3-s1.x
juniper / junos	21.2-r3-s2	21.2-r3-s2.x
juniper / junos	21.2-r3-s3	21.2-r3-s3.x
juniper / junos	21.2-r3-s4	21.2-r3-s4.x
juniper / junos	21.2-r3-s5	21.2-r3-s5.x
juniper / junos	21.2-r3-s6	21.2-r3-s6.x
juniper / junos	21.3-r3-s2	21.3-r3-s2.x
juniper / junos	21.3-r3-s3	21.3-r3-s3.x
juniper / junos	21.3-r3-s4	21.3-r3-s4.x
juniper / junos	21.4-r3-s1	21.4-r3-s1.x
juniper / junos	21.4-r3-s2	21.4-r3-s2.x
juniper / junos	21.4-r3-s3	21.4-r3-s3.x
juniper / junos	21.4-r3-s4	21.4-r3-s4.x
juniper / junos	22.1	22.1.x
juniper / junos	22.1-r2-s1	22.1-r2-s1.x
juniper / junos	22.1-r3	22.1-r3.x
juniper / junos	22.1-r3-s1	22.1-r3-s1.x
juniper / junos	22.1-r3-s2	22.1-r3-s2.x
juniper / junos	22.1-r3-s3	22.1-r3-s3.x
juniper / junos	22.2	22.2.x
juniper / junos	22.2-r1-s2	22.2-r1-s2.x
juniper / junos	22.2-r2	22.2-r2.x
juniper / junos	22.2-r2-s1	22.2-r2-s1.x
juniper / junos	22.2-r2-s2	22.2-r2-s2.x
juniper / junos	22.2-r3	22.2-r3.x
juniper / junos	22.2-r3-s1	22.2-r3-s1.x
juniper / junos	22.2-r3-s2	22.2-r3-s2.x
juniper / junos	22.3	22.3.x
juniper / junos	22.3-r1	22.3-r1.x
juniper / junos	22.3-r1-s1	22.3-r1-s1.x
juniper / junos	22.3-r1-s2	22.3-r1-s2.x
juniper / junos	22.3-r2	22.3-r2.x
juniper / junos	22.3-r2-s1	22.3-r2-s1.x
juniper / junos	22.3-r2-s2	22.3-r2-s2.x
juniper / junos	22.3-r3	22.3-r3.x
juniper / junos	22.4	22.4.x
juniper / junos	22.4-r1	22.4-r1.x
juniper / junos	22.4-r1-s1	22.4-r1-s1.x
juniper / junos	22.4-r1-s2	22.4-r1-s2.x
juniper / junos	22.4-r2	22.4-r2.x
juniper / junos	22.4-r2-s1	22.4-r2-s1.x
juniper / junos	22.4-r2-s2	22.4-r2-s2.x
juniper / junos	23.2-r1-s1	23.2-r1-s1.x
juniper / junos	23.2-r1	23.2-r1.x
juniper / junos	23.2	23.2.x
juniper / junos_os_evolved	20.4-r1	20.4-r1.x
juniper / junos_os_evolved	21.2-r1	21.2-r1.x
juniper / junos_os_evolved	21.2-r1-s1	21.2-r1-s1.x
juniper / junos_os_evolved	21.2-r2	21.2-r2.x
juniper / junos_os_evolved	20.4-r1-s1	20.4-r1-s1.x
juniper / junos_os_evolved	20.4-r1-s2	20.4-r1-s2.x
juniper / junos_os_evolved	21.3-r1-s1	21.3-r1-s1.x
juniper / junos_os_evolved	21.3-r1	21.3-r1.x
juniper / junos_os_evolved	21.2-r2-s1	21.2-r2-s1.x
juniper / junos_os_evolved	21.2-r1-s2	21.2-r1-s2.x
juniper / junos_os_evolved	21.2	21.2.x
juniper / junos_os_evolved	20.4-r3-s2	20.4-r3-s2.x
juniper / junos_os_evolved	20.4-r3-s1	20.4-r3-s1.x
juniper / junos_os_evolved	20.4-r3	20.4-r3.x
juniper / junos_os_evolved	20.4-r2-s3	20.4-r2-s3.x
juniper / junos_os_evolved	20.4-r2-s2	20.4-r2-s2.x
juniper / junos_os_evolved	20.4-r2-s1	20.4-r2-s1.x
juniper / junos_os_evolved	20.4-r2	20.4-r2.x
juniper / junos_os_evolved	22.3-r1	22.3-r1.x
juniper / junos_os_evolved	22.2-r1-s1	22.2-r1-s1.x
juniper / junos_os_evolved	22.2-r1	22.2-r1.x
juniper / junos_os_evolved	22.1-r1-s2	22.1-r1-s2.x
juniper / junos_os_evolved	22.1-r1-s1	22.1-r1-s1.x
juniper / junos_os_evolved	22.1-r1	22.1-r1.x
juniper / junos_os_evolved	21.4-r2-s2	21.4-r2-s2.x
juniper / junos_os_evolved	21.4-r2-s1	21.4-r2-s1.x
juniper / junos_os_evolved	21.4-r2	21.4-r2.x
juniper / junos_os_evolved	21.4-r1-s2	21.4-r1-s2.x
juniper / junos_os_evolved	21.4-r1-s1	21.4-r1-s1.x
juniper / junos_os_evolved	21.4-r1	21.4-r1.x
juniper / junos_os_evolved	21.4	21.4.x
juniper / junos_os_evolved	21.3-r3	21.3-r3.x
juniper / junos_os_evolved	21.3-r2-s2	21.3-r2-s2.x
juniper / junos_os_evolved	21.3-r2-s1	21.3-r2-s1.x
juniper / junos_os_evolved	21.3-r2	21.3-r2.x
juniper / junos_os_evolved	21.3	21.3.x
juniper / junos_os_evolved	21.2-r3-s1	21.2-r3-s1.x
juniper / junos_os_evolved	21.2-r3	21.2-r3.x
juniper / junos_os_evolved	21.2-r2-s2	21.2-r2-s2.x
juniper / junos_os_evolved	20.4-r3-s5	20.4-r3-s5.x
juniper / junos_os_evolved	20.4-r3-s4	20.4-r3-s4.x
juniper / junos_os_evolved	20.4-r3-s3	20.4-r3-s3.x
juniper / junos_os_evolved	23.2-r1-s1	23.2-r1-s1.x
juniper / junos_os_evolved	23.2-r1	23.2-r1.x
juniper / junos_os_evolved	23.2	23.2.x
juniper / junos_os_evolved	22.4-r2-s2	22.4-r2-s2.x
juniper / junos_os_evolved	22.4-r2-s1	22.4-r2-s1.x
juniper / junos_os_evolved	22.4-r2	22.4-r2.x
juniper / junos_os_evolved	22.4-r1-s2	22.4-r1-s2.x
juniper / junos_os_evolved	22.4-r1-s1	22.4-r1-s1.x
juniper / junos_os_evolved	22.4-r1	22.4-r1.x
juniper / junos_os_evolved	22.4	22.4.x
juniper / junos_os_evolved	22.3-r3	22.3-r3.x
juniper / junos_os_evolved	22.3-r2-s2	22.3-r2-s2.x
juniper / junos_os_evolved	22.3-r2-s1	22.3-r2-s1.x
juniper / junos_os_evolved	22.3-r2	22.3-r2.x
juniper / junos_os_evolved	22.3-r1-s2	22.3-r1-s2.x
juniper / junos_os_evolved	22.3-r1-s1	22.3-r1-s1.x
juniper / junos_os_evolved	22.3	22.3.x
juniper / junos_os_evolved	22.2-r3-s2	22.2-r3-s2.x
juniper / junos_os_evolved	22.2-r3-s1	22.2-r3-s1.x
juniper / junos_os_evolved	22.2-r3	22.2-r3.x
juniper / junos_os_evolved	22.2-r2-s2	22.2-r2-s2.x
juniper / junos_os_evolved	22.2-r2-s1	22.2-r2-s1.x
juniper / junos_os_evolved	22.2-r2	22.2-r2.x
juniper / junos_os_evolved	22.2-r1-s2	22.2-r1-s2.x
juniper / junos_os_evolved	22.2	22.2.x
juniper / junos_os_evolved	22.1-r3-s3	22.1-r3-s3.x
juniper / junos_os_evolved	22.1-r3-s2	22.1-r3-s2.x
juniper / junos_os_evolved	22.1-r3-s1	22.1-r3-s1.x
juniper / junos_os_evolved	22.1-r3	22.1-r3.x
juniper / junos_os_evolved	22.1-r2-s1	22.1-r2-s1.x
juniper / junos_os_evolved	22.1-r2	22.1-r2.x
juniper / junos_os_evolved	22.1	22.1.x
juniper / junos_os_evolved	21.4-r3-s4	21.4-r3-s4.x
juniper / junos_os_evolved	21.4-r3-s3	21.4-r3-s3.x
juniper / junos_os_evolved	21.4-r3-s2	21.4-r3-s2.x
juniper / junos_os_evolved	21.4-r3-s1	21.4-r3-s1.x
juniper / junos_os_evolved	21.4-r3	21.4-r3.x
juniper / junos_os_evolved	21.3-r3-s4	21.3-r3-s4.x
juniper / junos_os_evolved	21.3-r3-s3	21.3-r3-s3.x
juniper / junos_os_evolved	21.3-r3-s2	21.3-r3-s2.x
juniper / junos_os_evolved	21.3-r3-s1	21.3-r3-s1.x
juniper / junos_os_evolved	21.2-r3-s6	21.2-r3-s6.x
juniper / junos_os_evolved	21.2-r3-s5	21.2-r3-s5.x
juniper / junos_os_evolved	21.2-r3-s4	21.2-r3-s4.x
juniper / junos_os_evolved	21.2-r3-s3	21.2-r3-s3.x
juniper / junos_os_evolved	21.2-r3-s2	21.2-r3-s2.x
juniper / junos_os_evolved	20.4-r3-s7	20.4-r3-s7.x
juniper / junos_os_evolved	20.4-r3-s6	20.4-r3-s6.x
juniper / junos_os_evolved	20.4-r3-s8	20.4-r3-s8.x

Vulnerability Database

289,599

CVE-2024-21598