CVE-2024-39541
An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
When conflicting information (IP or ISO addresses) about a node is added to the Traffic Engineering (TE) database and then a subsequent operation attempts to process these, rpd will crash and restart.
This issue affects:
Junos OS:
- 22.4 versions before 22.4R3-S1,
- 23.2 versions before 23.2R2,
- 23.4 versions before 23.4R1-S1, 23.4R2,
This issue does not affect Junos OS versions earlier than 22.4R1.
Junos OS Evolved:
- 22.4-EVO versions before 22.4R3-S2-EVO,
- 23.2-EVO versions before 23.2R2-EVO,
- 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO,
This issue does not affect Junos OS Evolved versions earlier than
before 22.4R1.
| Software | From | Fixed in |
|---|---|---|
| juniper / junos | 22.4 | 22.4.x |
| juniper / junos | 22.4-r1 | 22.4-r1.x |
| juniper / junos | 22.4-r1-s1 | 22.4-r1-s1.x |
| juniper / junos | 22.4-r1-s2 | 22.4-r1-s2.x |
| juniper / junos | 22.4-r2 | 22.4-r2.x |
| juniper / junos | 22.4-r2-s1 | 22.4-r2-s1.x |
| juniper / junos | 22.4-r2-s2 | 22.4-r2-s2.x |
| juniper / junos | 22.4-r3 | 22.4-r3.x |
| juniper / junos | 23.2 | 23.2.x |
| juniper / junos | 23.2-r1 | 23.2-r1.x |
| juniper / junos | 23.2-r1-s1 | 23.2-r1-s1.x |
| juniper / junos | 23.2-r1-s2 | 23.2-r1-s2.x |
| juniper / junos | 23.4 | 23.4.x |
| juniper / junos | 23.4-r1 | 23.4-r1.x |
| juniper / junos | 23.4-r2 | 23.4-r2.x |
| juniper / junos_os_evolved | 22.4 | 22.4.x |
| juniper / junos_os_evolved | 22.4-r1 | 22.4-r1.x |
| juniper / junos_os_evolved | 22.4-r1-s1 | 22.4-r1-s1.x |
| juniper / junos_os_evolved | 22.4-r1-s2 | 22.4-r1-s2.x |
| juniper / junos_os_evolved | 22.4-r2 | 22.4-r2.x |
| juniper / junos_os_evolved | 22.4-r2-s1 | 22.4-r2-s1.x |
| juniper / junos_os_evolved | 22.4-r2-s2 | 22.4-r2-s2.x |
| juniper / junos_os_evolved | 22.4-r3 | 22.4-r3.x |
| juniper / junos_os_evolved | 22.4-r3-s1 | 22.4-r3-s1.x |
| juniper / junos_os_evolved | 23.2 | 23.2.x |
| juniper / junos_os_evolved | 23.2-r1 | 23.2-r1.x |
| juniper / junos_os_evolved | 23.2-r1-s1 | 23.2-r1-s1.x |
| juniper / junos_os_evolved | 23.2-r1-s2 | 23.2-r1-s2.x |
| juniper / junos_os_evolved | 23.4 | 23.4.x |
| juniper / junos_os_evolved | 23.4-r1 | 23.4-r1.x |
| juniper / junos_os_evolved | 23.4-r2 | 23.4-r2.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime