跳转到帖子

Juniper Junos OS: 2024-07 Out-of-Cycle Security Bulletin: Junos OS: SRX Series and NFX Series: Specific valid traffic leads to a PFE crash (JSA83195) (CVE-2024-21586)

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

Juniper Junos OS: 2024-07 Out-of-Cycle Security Bulletin: Junos OS: SRX Series and NFX Series: Specific valid traffic leads to a PFE crash (JSA83195) (CVE-2024-21586)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
07/01/2024
Created
07/02/2024
Added
07/03/2024
Modified
01/28/2025

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series and NFX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an affected device receives specific valid traffic destined to the device, it will cause the PFE to crash and restart.Continued receipt and processing of this traffic will create a sustained DoS condition. This issue affects Junos OS on SRX Series: *21.4 versions before 21.4R3-S7.9, *22.1 versions before 22.1R3-S5.3, *22.2 versions before 22.2R3-S4.11, *22.3 versions before 22.3R3, *22.4 versions before 22.4R3. This issue affects Junos OS on NFX Series: *21.4 versions before 21.4R3-S8, *22.1 versions after 22.1R1, *22.2 versions before 22.2R3-S5, *22.3 versions before 22.3R3, *22.4 versions before 22.4R3. Junos OS versions prior to 21.4R1 are not affected by this issue.

Solution(s)

  • juniper-junos-os-upgrade-latest

References

  • https://attackerkb.com/topics/cve-2024-21586
  • CVE - 2024-21586
  • JSA83195
  • 引用
  • Mention
    • 查看数 701
    • 已创建
    • 最后回复

    参与讨论

    你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。

    游客
    回帖…
    转到主题列表