12/1/2024
18/1/2024
CVE-2024-21594: Junos OS: SRX 5000 Series: Repeated execution of a specific CLI command causes a flowd crash
First published: Fri Jan 12 2024(Updated: )
A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS).
On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which leads to a Flow Processing Daemon (flowd) crash.
The NSD process has to be restarted to restore services.
If this issue occurs, it can be checked with the following command:
user@host> request security policies check
The following log message can also be observed:
Error: policies are out of sync for PFE node<number>.fpc<number>.pic<number>.
This issue affects:
Juniper Networks Junos OS on SRX 5000 Series
* All versions earlier than 20.4R3-S6;
* 21.1 versions earlier than 21.1R3-S5;
* 21.2 versions earlier than 21.2R3-S4;
* 21.3 versions earlier than 21.3R3-S3;
* 21.4 versions earlier than 21.4R3-S3;
* 22.1 versions earlier than 22.1R3-S1;
* 22.2 versions earlier than 22.2R3;
* 22.3 versions earlier than 22.3R2.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|
Juniper JUNOS | <20.4 | |
Juniper JUNOS | =20.4 | |
Juniper JUNOS | =20.4-r1 | |
Juniper JUNOS | =20.4-r1-s1 | |
Juniper JUNOS | =20.4-r2 | |
Juniper JUNOS | =20.4-r2-s1 | |
Juniper JUNOS | =20.4-r2-s2 | |
Juniper JUNOS | =20.4-r3 | |
Juniper JUNOS | =20.4-r3-s1 | |
Juniper JUNOS | =20.4-r3-s2 | |
Juniper JUNOS | =20.4-r3-s3 | |
Juniper JUNOS | =20.4-r3-s4 | |
Juniper JUNOS | =20.4-r3-s5 | |
Juniper JUNOS | =21.1 | |
Juniper JUNOS | =21.1-r1 | |
Juniper JUNOS | =21.1-r1-s1 | |
Juniper JUNOS | =21.1-r2 | |
Juniper JUNOS | =21.1-r2-s1 | |
Juniper JUNOS | =21.1-r2-s2 | |
Juniper JUNOS | =21.1-r3 | |
Juniper JUNOS | =21.1-r3-s1 | |
Juniper JUNOS | =21.1-r3-s2 | |
Juniper JUNOS | =21.1-r3-s3 | |
Juniper JUNOS | =21.1-r3-s4 | |
Juniper JUNOS | =21.2 | |
Juniper JUNOS | =21.2-r1 | |
Juniper JUNOS | =21.2-r1-s1 | |
Juniper JUNOS | =21.2-r1-s2 | |
Juniper JUNOS | =21.2-r2 | |
Juniper JUNOS | =21.2-r2-s1 | |
Juniper JUNOS | =21.2-r2-s2 | |
Juniper JUNOS | =21.2-r3 | |
Juniper JUNOS | =21.2-r3-s1 | |
Juniper JUNOS | =21.2-r3-s2 | |
Juniper JUNOS | =21.2-r3-s3 | |
Juniper JUNOS | =21.3 | |
Juniper JUNOS | =21.3-r1 | |
Juniper JUNOS | =21.3-r1-s1 | |
Juniper JUNOS | =21.3-r1-s2 | |
Juniper JUNOS | =21.3-r2 | |
Juniper JUNOS | =21.3-r2-s1 | |
Juniper JUNOS | =21.3-r2-s2 | |
Juniper JUNOS | =21.3-r3 | |
Juniper JUNOS | =21.3-r3-s1 | |
Juniper JUNOS | =21.3-r3-s2 | |
Juniper JUNOS | =21.4 | |
Juniper JUNOS | =21.4-r1 | |
Juniper JUNOS | =21.4-r1-s1 | |
Juniper JUNOS | =21.4-r1-s2 | |
Juniper JUNOS | =21.4-r2 | |
Juniper JUNOS | =21.4-r2-s1 | |
Juniper JUNOS | =21.4-r2-s2 | |
Juniper JUNOS | =21.4-r3 | |
Juniper JUNOS | =21.4-r3-s1 | |
Juniper JUNOS | =21.4-r3-s2 | |
Juniper JUNOS | =22.1 | |
Juniper JUNOS | =22.1-r1 | |
Juniper JUNOS | =22.1-r1-s1 | |
Juniper JUNOS | =22.1-r1-s2 | |
Juniper JUNOS | =22.1-r2 | |
Juniper JUNOS | =22.1-r2-s1 | |
Juniper JUNOS | =22.1-r2-s2 | |
Juniper JUNOS | =22.1-r3 | |
Juniper JUNOS | =22.2 | |
Juniper JUNOS | =22.2-r1 | |
Juniper JUNOS | =22.2-r1-s1 | |
Juniper JUNOS | =22.2-r1-s2 | |
Juniper JUNOS | =22.2-r2 | |
Juniper JUNOS | =22.2-r2-s1 | |
Juniper JUNOS | =22.2-r2-s2 | |
Juniper JUNOS | =22.3 | |
Juniper JUNOS | =22.3-r1 | |
Juniper JUNOS | =22.3-r1-s1 | |
Juniper JUNOS | =22.3-r1-s2 | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/references
- agent/title
- agent/author
- agent/type
- agent/first-publish-date
- collector/epss-latest
- source/FIRST
- agent/description
- agent/epss
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/20.4
- version/juniper junos/20.4-r1
- version/juniper junos/20.4-r1-s1
- version/juniper junos/20.4-r2
- version/juniper junos/20.4-r2-s1
- version/juniper junos/20.4-r2-s2
- version/juniper junos/20.4-r3
- version/juniper junos/20.4-r3-s1
- version/juniper junos/20.4-r3-s2
- version/juniper junos/20.4-r3-s3
- version/juniper junos/20.4-r3-s4
- version/juniper junos/20.4-r3-s5
- version/juniper junos/21.1
- version/juniper junos/21.1-r1
- version/juniper junos/21.1-r1-s1
- version/juniper junos/21.1-r2
- version/juniper junos/21.1-r2-s1
- version/juniper junos/21.1-r2-s2
- version/juniper junos/21.1-r3
- version/juniper junos/21.1-r3-s1
- version/juniper junos/21.1-r3-s2
- version/juniper junos/21.1-r3-s3
- version/juniper junos/21.1-r3-s4
- version/juniper junos/21.2
- version/juniper junos/21.2-r1
- version/juniper junos/21.2-r1-s1
- version/juniper junos/21.2-r1-s2
- version/juniper junos/21.2-r2
- version/juniper junos/21.2-r2-s1
- version/juniper junos/21.2-r2-s2
- version/juniper junos/21.2-r3
- version/juniper junos/21.2-r3-s1
- version/juniper junos/21.2-r3-s2
- version/juniper junos/21.2-r3-s3
- version/juniper junos/21.3
- version/juniper junos/21.3-r1
- version/juniper junos/21.3-r1-s1
- version/juniper junos/21.3-r1-s2
- version/juniper junos/21.3-r2
- version/juniper junos/21.3-r2-s1
- version/juniper junos/21.3-r2-s2
- version/juniper junos/21.3-r3
- version/juniper junos/21.3-r3-s1
- version/juniper junos/21.3-r3-s2
- version/juniper junos/21.4
- version/juniper junos/21.4-r1
- version/juniper junos/21.4-r1-s1
- version/juniper junos/21.4-r1-s2
- version/juniper junos/21.4-r2
- version/juniper junos/21.4-r2-s1
- version/juniper junos/21.4-r2-s2
- version/juniper junos/21.4-r3
- version/juniper junos/21.4-r3-s1
- version/juniper junos/21.4-r3-s2
- version/juniper junos/22.1
- version/juniper junos/22.1-r1
- version/juniper junos/22.1-r1-s1
- version/juniper junos/22.1-r1-s2
- version/juniper junos/22.1-r2
- version/juniper junos/22.1-r2-s1
- version/juniper junos/22.1-r2-s2
- version/juniper junos/22.1-r3
- version/juniper junos/22.2
- version/juniper junos/22.2-r1
- version/juniper junos/22.2-r1-s1
- version/juniper junos/22.2-r1-s2
- version/juniper junos/22.2-r2
- version/juniper junos/22.2-r2-s1
- version/juniper junos/22.2-r2-s2
- version/juniper junos/22.3
- version/juniper junos/22.3-r1
- version/juniper junos/22.3-r1-s1
- version/juniper junos/22.3-r1-s2
Contact
SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.coBy using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203