Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2024-21599

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).

If an MX Series device receives PTP packets on an MPC3E that doesn't support PTP this causes a memory leak which will result in unpredictable behavior and ultimately in an MPC crash and restart.

To monitor for this issue, please use the following FPC vty level commands:

show heap shows an increase in "LAN buffer" utilization and

show clksync ptp nbr-upd-info shows non-zero "Pending PFEs" counter.

This issue affects Juniper Networks Junos OS on MX Series with MPC3E:

  • All versions earlier than 20.4R3-S3;
  • 21.1 versions earlier than 21.1R3-S4;
  • 21.2 versions earlier than 21.2R3;
  • 21.3 versions earlier than 21.3R2-S1, 21.3R3;
  • 21.4 versions earlier than 21.4R2;
  • 22.1 versions earlier than 22.1R2.
  • Published: Jan 12, 2024
  • Updated: Jan 20, 2024
  • CVE: CVE-2024-21599
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
juniper / junos 20.4-r1 20.4-r1.x
juniper / junos 20.4-r1-s1 20.4-r1-s1.x
juniper / junos 20.4-r2 20.4-r2.x
juniper / junos 20.4-r2-s1 20.4-r2-s1.x
juniper / junos 20.4-r3 20.4-r3.x
juniper / junos 20.4-r3-s1 20.4-r3-s1.x
juniper / junos 20.4-r2-s2 20.4-r2-s2.x
juniper / junos 20.4 20.4.x
juniper / junos 20.4-r3-s2 20.4-r3-s2.x
juniper / junos 21.1-r1 21.1-r1.x
juniper / junos 21.1-r1-s1 21.1-r1-s1.x
juniper / junos 21.1-r2 21.1-r2.x
juniper / junos 21.1-r3 21.1-r3.x
juniper / junos 21.1-r2-s1 21.1-r2-s1.x
juniper / junos 21.1 21.1.x
juniper / junos 21.1-r2-s2 21.1-r2-s2.x
juniper / junos 21.1-r3-s1 21.1-r3-s1.x
juniper / junos 21.1-r3-s2 21.1-r3-s2.x
juniper / junos 21.1-r3-s3 21.1-r3-s3.x
juniper / junos 21.2-r1 21.2-r1.x
juniper / junos 21.2-r1-s1 21.2-r1-s1.x
juniper / junos 21.2-r2 21.2-r2.x
juniper / junos 21.2 21.2.x
juniper / junos 21.2-r1-s2 21.2-r1-s2.x
juniper / junos 21.2-r2-s1 21.2-r2-s1.x
juniper / junos 21.2-r2-s2 21.2-r2-s2.x
juniper / junos 21.3-r1 21.3-r1.x
juniper / junos 21.3-r2 21.3-r2.x
juniper / junos 21.3-r1-s1 21.3-r1-s1.x
juniper / junos 21.3-r1-s2 21.3-r1-s2.x
juniper / junos 21.3 21.3.x
juniper / junos 21.4-r1-s1 21.4-r1-s1.x
juniper / junos 21.4-r1 21.4-r1.x
juniper / junos 21.4-r1-s2 21.4-r1-s2.x
juniper / junos 21.4 21.4.x
juniper / junos 22.1-r1 22.1-r1.x
juniper / junos 22.1-r1-s1 22.1-r1-s1.x
juniper / junos 22.1-r1-s2 22.1-r1-s2.x
juniper / junos 22.1 22.1.x