A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.
This issue affects Juniper Networks Junos OS on SRX Series:
* All versions earlier than 20.4R3-S8;
* 21.2 versions earlier than 21.2R3-S6;
* 21.3 versions earlier than 21.3R3-S5;
* 21.4 versions earlier than 21.4R3-S5;
* 22.1 versions earlier than 22.1R3-S3;
* 22.2 versions earlier than 22.2R3-S3;
* 22.3 versions earlier than 22.3R3-S1;
* 22.4 versions earlier than 22.4R2-S2, 22.4R3.
Metrics
No CVSS v4.0
Attack Vector Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
User Interaction None
No CVSS v3.0
No CVSS v2
This CVE is not in the KEV list.
Key SSVC decision points have not yet been added.
Affected Vendors & Products
Vendors | Products |
---|---|
Juniper |
|
Configuration 1 [-]
AND |
|
No data.
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: juniper
Published: 2024-01-12T00:54:51.832Z
Updated: 2024-08-01T22:27:35.875Z
Reserved: 2023-12-27T19:38:25.707Z
Link: CVE-2024-21606
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-12T01:15:48.873
Modified: 2024-11-21T08:54:42.453
Link: CVE-2024-21606
Redhat
No data.