{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39549", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2024-06-25T15:12:53.246Z", "datePublished": "2024-07-11T16:27:19.238Z", "dateUpdated": "2025-02-26T18:16:27.497Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.2R3-S8", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "21.4R3-S8", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.2R3-S4", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R3-S3", "status": "affected", "version": "22.3", "versionType": "semver"}, {"lessThan": "22.4R3-S3", "status": "affected", "version": "22.4", "versionType": "semver"}, {"lessThan": "23.2R2-S1", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R1-S2, 23.4R2", "status": "affected", "version": "23.4", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "21.2R3-S8-EVO", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "21.4R3-S8-EVO", "status": "affected", "version": "21.4", "versionType": "semver"}, {"lessThan": "22.2R3-S4-EVO", "status": "affected", "version": "22.2", "versionType": "semver"}, {"lessThan": "22.3R3-S3-EVO", "status": "affected", "version": "22.3", "versionType": "semver"}, {"lessThan": "22.4R3-S3-EVO", "status": "affected", "version": "22.4", "versionType": "semver"}, {"lessThan": "23.2R2-S1-EVO", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R1-S2-EVO, 23.4R2-EVO", "status": "affected", "version": "23.4", "versionType": "semver"}]}], "datePublic": "2024-07-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of&nbsp;Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).<br><br>Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).<br><br><span style=\"background-color: rgb(255, 255, 255);\">Memory utilization could be monitored by:&nbsp;<br>user@host&gt; show system memory or show system monitor memory status</span><br><br>This issue affects:<br><br>Junos OS:&nbsp;<ul><li>All versions before 21.2R3-S8,&nbsp;</li><li>from 21.4 before 21.4R3-S8,<br></li><li>from 22.2 before 22.2R3-S4,&nbsp;</li><li>from 22.3 before 22.3R3-S3,&nbsp;</li><li>from 22.4 before 22.4R3-S3,</li><li>from 23.2 before 23.2R2-S1,&nbsp;</li><li>from 23.4 before 23.4R1-S2, 23.4R2.</li></ul>Junos OS Evolved:<br><ul><li>All versions before 21.2R3-S8-EVO, </li><li>from 21.4 before 21.4R3-S8-EVO,</li><li>from 22.2 before 22.2R3-S4-EVO, </li><li>from 22.3 before 22.3R3-S3-EVO, </li><li>from 22.4 before 22.4R3-S3-EVO,<br></li><li>from 23.2 before 23.2R2-S1-EVO, </li><li>from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.</li></ul><br>"}], "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\n\nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\n\nMemory utilization could be monitored by:\u00a0\nuser@host> show system memory or show system monitor memory status\n\nThis issue affects:\n\nJunos OS:\u00a0  *  All versions before 21.2R3-S8,\u00a0\n  *  from 21.4 before 21.4R3-S8,\n\n  *  from 22.2 before 22.2R3-S4,\u00a0\n  *  from 22.3 before 22.3R3-S3,\u00a0\n  *  from 22.4 before 22.4R3-S3,\n  *  from 23.2 before 23.2R2-S1,\u00a0\n  *  from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\n  *  All versions before 21.2R3-S8-EVO, \n  *  from 21.4 before 21.4R3-S8-EVO,\n  *  from 22.2 before 22.2R3-S4-EVO, \n  *  from 22.3 before 22.3R3-S3-EVO, \n  *  from 22.4 before 22.4R3-S3-EVO,\n\n  *  from 23.2 before 23.2R2-S1-EVO, \n  *  from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:U", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-401", "description": "CWE-401: Missing Release of Memory after Effective Lifetime", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-10-02T21:09:45.677Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://supportportal.juniper.net/JSA83011"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br> <br>Junos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, <span style=\"background-color: rgb(255, 255, 255);\">22.4R3-S3,&nbsp;</span>23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.<br><br>\nJunos OS Evolved:&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">21.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, <span style=\"background-color: rgb(255, 255, 255);\">22.3R3-S3-EVO,&nbsp;</span>22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases.&nbsp;</span><br>"}], "value": "The following software releases have been updated to resolve this specific issue:\n \nJunos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3,\u00a023.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\n\n\nJunos OS Evolved:\u00a021.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO,\u00a022.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases."}], "source": {"advisory": "JSA83011", "defect": ["1778879"], "discovery": "INTERNAL"}, "title": "Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>There are no known workarounds for this issue.</p>"}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "juniper", "product": "junos_os", "cpes": ["cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "21.2R3-S8", "versionType": "semver"}, {"version": "21.4", "status": "affected", "lessThan": "21.4R3-S8", "versionType": "semver"}, {"version": "22.2", "status": "affected", "lessThan": "22.2R3-S4", "versionType": "semver"}, {"version": "22.3", "status": "affected", "lessThan": "22.3R3-S3", "versionType": "semver"}, {"version": "22.4", "status": "affected", "lessThan": "22.4R3-S3", "versionType": "semver"}, {"version": "23.2", "status": "affected", "lessThan": "23.2R2-S1", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R1-S2", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R2", "versionType": "semver"}, {"version": "24.2", "status": "affected", "lessThan": "24.2R2", "versionType": "semver"}]}, {"vendor": "juniper", "product": "junos_os_evolved", "cpes": ["cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "21.2R3-S8-EVO", "versionType": "semver"}, {"version": "21.4", "status": "affected", "lessThan": "21.4R3-S8-EVO", "versionType": "semver"}, {"version": "22.2", "status": "affected", "lessThan": "22.2R3-S4-EVO", "versionType": "semver"}, {"version": "22.3", "status": "affected", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"version": "22.4", "status": "affected", "lessThan": "22.4R3-S3-EVO", "versionType": "semver"}, {"version": "23.2", "status": "affected", "lessThan": "23.2R2-S1-EVO", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R1-S2-EVO", "versionType": "semver"}, {"version": "23.4", "status": "affected", "lessThan": "23.4R2-EVO", "versionType": "semver"}, {"version": "24.2", "status": "affected", "lessThan": "24.2R2-EVO", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-26T18:16:20.812180Z", "id": "CVE-2024-39549", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T18:16:27.497Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.913Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://supportportal.juniper.net/JSA83011"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://supportportal.juniper.net/JSA83011", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:15.913Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39549", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-16T19:07:45.703893Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:juniper:junos_os:*:*:*:*:*:*:*:*"], "vendor": "juniper", "product": "junos_os", "versions": [{"status": "affected", "version": "0", "lessThan": "21.2R3-S8", "versionType": "semver"}, {"status": "affected", "version": "21.4", "lessThan": "21.4R3-S8", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S4", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S3", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S1", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S2", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2", "versionType": "semver"}, {"status": "affected", "version": "24.2", "lessThan": "24.2R2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*"], "vendor": "juniper", "product": "junos_os_evolved", "versions": [{"status": "affected", "version": "0", "lessThan": "21.2R3-S8-EVO", "versionType": "semver"}, {"status": "affected", "version": "21.4", "lessThan": "21.4R3-S8-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S4-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S1-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S2-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2-EVO", "versionType": "semver"}, {"status": "affected", "version": "24.2", "lessThan": "24.2R2-EVO", "versionType": "semver"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-16T19:19:32.539Z"}}], "cna": {"title": "Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak", "source": {"defect": ["1778879"], "advisory": "JSA83011", "discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:U", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "0", "lessThan": "21.2R3-S8", "versionType": "semver"}, {"status": "affected", "version": "21.4", "lessThan": "21.4R3-S8", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S4", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S3", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S1", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S2, 23.4R2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Juniper Networks", "product": "Junos OS Evolved", "versions": [{"status": "affected", "version": "0", "lessThan": "21.2R3-S8-EVO", "versionType": "semver"}, {"status": "affected", "version": "21.4", "lessThan": "21.4R3-S8-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.2", "lessThan": "22.2R3-S4-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.3", "lessThan": "22.3R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "22.4", "lessThan": "22.4R3-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S1-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R1-S2-EVO, 23.4R2-EVO", "versionType": "semver"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue:\n \nJunos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3,\u00a023.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.\n\n\nJunos OS Evolved:\u00a021.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO,\u00a022.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue:<br> <br>Junos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, <span style=\"background-color: rgb(255, 255, 255);\">22.4R3-S3,&nbsp;</span>23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases.<br><br>\nJunos OS Evolved:&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">21.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, <span style=\"background-color: rgb(255, 255, 255);\">22.3R3-S3-EVO,&nbsp;</span>22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases.&nbsp;</span><br>", "base64": false}]}], "datePublic": "2024-07-10T16:00:00.000Z", "references": [{"url": "https://supportportal.juniper.net/JSA83011", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "<p>There are no known workarounds for this issue.</p>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\n\nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\n\nMemory utilization could be monitored by:\u00a0\nuser@host> show system memory or show system monitor memory status\n\nThis issue affects:\n\nJunos OS:\u00a0  *  All versions before 21.2R3-S8,\u00a0\n  *  from 21.4 before 21.4R3-S8,\n\n  *  from 22.2 before 22.2R3-S4,\u00a0\n  *  from 22.3 before 22.3R3-S3,\u00a0\n  *  from 22.4 before 22.4R3-S3,\n  *  from 23.2 before 23.2R2-S1,\u00a0\n  *  from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\n  *  All versions before 21.2R3-S8-EVO, \n  *  from 21.4 before 21.4R3-S8-EVO,\n  *  from 22.2 before 22.2R3-S4-EVO, \n  *  from 22.3 before 22.3R3-S3-EVO, \n  *  from 22.4 before 22.4R3-S3-EVO,\n\n  *  from 23.2 before 23.2R2-S1-EVO, \n  *  from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.", "supportingMedia": [{"type": "text/html", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of&nbsp;Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).<br><br>Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).<br><br><span style=\"background-color: rgb(255, 255, 255);\">Memory utilization could be monitored by:&nbsp;<br>user@host&gt; show system memory or show system monitor memory status</span><br><br>This issue affects:<br><br>Junos OS:&nbsp;<ul><li>All versions before 21.2R3-S8,&nbsp;</li><li>from 21.4 before 21.4R3-S8,<br></li><li>from 22.2 before 22.2R3-S4,&nbsp;</li><li>from 22.3 before 22.3R3-S3,&nbsp;</li><li>from 22.4 before 22.4R3-S3,</li><li>from 23.2 before 23.2R2-S1,&nbsp;</li><li>from 23.4 before 23.4R1-S2, 23.4R2.</li></ul>Junos OS Evolved:<br><ul><li>All versions before 21.2R3-S8-EVO, </li><li>from 21.4 before 21.4R3-S8-EVO,</li><li>from 22.2 before 22.2R3-S4-EVO, </li><li>from 22.3 before 22.3R3-S3-EVO, </li><li>from 22.4 before 22.4R3-S3-EVO,<br></li><li>from 23.2 before 23.2R2-S1-EVO, </li><li>from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.</li></ul><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-401", "description": "CWE-401: Missing Release of Memory after Effective Lifetime"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2024-10-02T21:09:45.677Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39549", "state": "PUBLISHED", "dateUpdated": "2025-02-26T18:16:27.497Z", "dateReserved": "2024-06-25T15:12:53.246Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2024-07-11T16:27:19.238Z", "assignerShortName": "juniper"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "matchCriteriaId": "6137CE1A-C9AC-4FDE-801F-E40249F902BC", "versionEndIncluding": "21.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "53938295-8999-4316-9DED-88E24D037852", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "2307BF56-640F-49A8-B060-6ACB0F653A61", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "737DDF96-7B1D-44E2-AD0F-E2F50858B2A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "35E0BB39-18AE-4FAD-A528-FDFF6222DDE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "476A49E7-37E9-40F9-BF2D-9BBFFAA1DFFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "0A5B196A-2AF1-4AE5-9148-A75A572807BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "3B457616-2D91-4913-9A7D-038BBF8F1F66", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "C470FB4E-A927-4AF3-ACB0-AD1E264218B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "44E98BC3-1D43-481A-AB09-FFA502C36AAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "1A0DA88F-6C61-4FEA-ABF3-99F7DD43DB0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*", "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "9EC91F9D-DEDA-46B4-A39F-59A2CDB86C2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r3:*:*:*:*:*:*", "matchCriteriaId": "591AA3E6-62A2-4A1A-A04C-E808F71D8B6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "786F993E-32CB-492A-A7CC-A7E4F48EA8B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "60CEA89D-BAC4-41CD-A1D1-AA5EDDEBD54A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "BC449CC7-B2D6-41CB-8D6C-81DE89E79520", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*", "matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r2:*:*:*:*:*:*", "matchCriteriaId": "59DDA54E-6845-47EB-AE3C-5EC6BD33DFA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "574730B0-56C8-4A03-867B-1737148ED9B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "20EBC676-1B26-4A71-8326-0F892124290A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r3:*:*:*:*:*:*", "matchCriteriaId": "FB4C0FBF-8813-44E5-B71A-22CBAA603E2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "8BCDE58C-80CC-4C5A-9667-8A4468D8D76C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "19326769-2F08-4E61-8246-CCE7AE4483F7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*", "matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", "matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", "matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*", "matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*", "matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*", "matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*", "matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*", "matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8404916-D496-41C8-896B-24BAFE956C11", "versionEndIncluding": "21.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*", "matchCriteriaId": "620B0CDD-5566-472E-B96A-31D2C12E3120", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*", "matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*", "matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*", "matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "909FC378-EBFE-4BA9-8393-0C8301438020", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*", "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*", "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*", "matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*", "matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "9DB01252-2F11-41DB-9023-C74FD723334E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "F91450D5-F8CE-42EA-BB7E-312FCE024CD1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "4E616550-8711-4282-A8A1-11BD5974E650", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*", "matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*", "matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "C7FEFD0A-A969-4F53-8668-1231FD675D6F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*", "matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*", "matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "2FB9F20B-7683-4B0D-8D2B-5569414EBC29", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*", "matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*", "matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*", "matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3:*:*:*:*:*:*", "matchCriteriaId": "156DD8ED-CE6E-48C0-9E67-16B04767D62E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "10F9C2B1-BD81-4EDC-ADF5-4B0F39001C7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "61F649B0-0121-4760-9432-5F57214EFC2B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*", "matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*", "matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*", "matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*", "matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*", "matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*", "matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*", "matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*", "matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*", "matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of\u00a0Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS).\n\nConsumed memory can be freed by manually restarting Routing Protocol Daemon (rpd).\n\nMemory utilization could be monitored by:\u00a0\nuser@host> show system memory or show system monitor memory status\n\nThis issue affects:\n\nJunos OS:\u00a0  *  All versions before 21.2R3-S8,\u00a0\n  *  from 21.4 before 21.4R3-S8,\n\n  *  from 22.2 before 22.2R3-S4,\u00a0\n  *  from 22.3 before 22.3R3-S3,\u00a0\n  *  from 22.4 before 22.4R3-S3,\n  *  from 23.2 before 23.2R2-S1,\u00a0\n  *  from 23.4 before 23.4R1-S2, 23.4R2.\n\n\nJunos OS Evolved:\n  *  All versions before 21.2R3-S8-EVO, \n  *  from 21.4 before 21.4R3-S8-EVO,\n  *  from 22.2 before 22.2R3-S4-EVO, \n  *  from 22.3 before 22.3R3-S3-EVO, \n  *  from 22.4 before 22.4R3-S3-EVO,\n\n  *  from 23.2 before 23.2R2-S1-EVO, \n  *  from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de liberaci\u00f3n de memoria faltante despu\u00e9s de la vida \u00fatil efectiva en Routing Process Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite a un atacante enviar una actualizaci\u00f3n del atributo de ruta BGP con formato incorrecto que asigna la memoria utilizada para registrar el atributo de ruta incorrecta. Esta memoria no se libera correctamente en todas las circunstancias, lo que provoca una denegaci\u00f3n de servicio (DoS). La memoria consumida se puede liberar reiniciando manualmente Routing Protocol Daemon (rpd). La utilizaci\u00f3n de la memoria se puede monitorear mediante: user@host> show system memory or show system monitor memory status. Este problema afecta a: Junos OS: * Todas las versiones anteriores a 21.2R3-S8, * desde 21.4 antes de 21.4R3-S8, * desde 22.2 antes de 22.2 R3-S4, * de 22.3 antes de 22.3R3-S3, * de 22.4 antes de 22.4R3-S3, * de 23.2 antes de 23.2R2-S1, * de 23.4 antes de 23.4R1-S2, 23.4R2, * de 24.2 antes de 24.2R2- EVO. Junos OS Evolved: * Todas las versiones anteriores a 21.2R3-S8-EVO, * desde 21.4 anterior a 21.4R3-S8-EVO, * desde 22.2 anterior a 22.2R3-S4-EVO, * desde 22.3 anterior a 22.3R3-S3-EVO, * desde 22.4 antes de 22.4R3-S3-EVO, * desde 23.2 antes de 23.2R2-S1-EVO, * desde 23.4 antes de 23.4R1-S2, 23.4R2, * desde 24.2 antes de 24.2R2-EVO."}], "id": "CVE-2024-39549", "lastModified": "2024-11-21T09:27:59.253", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "USER", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "LOW", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "NONE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2024-07-11T17:15:15.433", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://supportportal.juniper.net/JSA83011"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://supportportal.juniper.net/JSA83011"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "sirt@juniper.net", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}