What is the severity of CVE-2024-30398?

CVE-2024-30398 has a severity rating indicating a potential for Denial of Service (DoS) attacks against affected systems.

How do I fix CVE-2024-30398?

To fix CVE-2024-30398, it is recommended to upgrade Junos OS to a patched version that addresses the vulnerability.

Which software versions are affected by CVE-2024-30398?

CVE-2024-30398 affects multiple versions of Junos OS including 21.2R3-S7, 21.4R3-S6, and others up to 23.2R2.

Can CVE-2024-30398 be exploited remotely?

Yes, CVE-2024-30398 can be exploited remotely by an unauthenticated network-based attacker.

What impact does CVE-2024-30398 have on Juniper Networks devices?

CVE-2024-30398 can lead to a Denial of Service (DoS) condition, affecting the availability of Juniper Networks devices.

Vulnerability/
CVE-2024-30398

high

8.7

CWE

119

EPSS

0.043%

12/4/2024

6/2/2025

CVE-2024-30398: Junos OS: SRX4600 Series - A high amount of specific traffic causes packet drops and an eventual PFE crash

First published: Fri Apr 12 2024(Updated: 3 months ago)

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a high amount of specific traffic is received on a SRX4600 device, due to an error in internal packet handling, a consistent rise in CPU memory utilization occurs. This results in packet drops in the traffic and eventually the PFE crashes. A manual reboot of the PFE will be required to restore the device to original state. This issue affects Junos OS: * 21.2 before 21.2R3-S7, * 21.4 before 21.4R3-S6, * 22.1 before 22.1R3-S5, * 22.2 before 22.2R3-S3, * 22.3 before 22.3R3-S2, * 22.4 before 22.4R3, * 23.2 before 23.2R1-S2, 23.2R2.

Credit: sirt@juniper.net

Affected Software	Affected Version	How to fix
All of
Any of
Junos OS Evolved	=21.2
Junos OS Evolved	=21.2-r1
Junos OS Evolved	=21.2-r1-s1
Junos OS Evolved	=21.2-r1-s2
Junos OS Evolved	=21.2-r2
Junos OS Evolved	=21.2-r2-s1
Junos OS Evolved	=21.2-r2-s2
Junos OS Evolved	=21.2-r3
Junos OS Evolved	=21.2-r3-s1
Junos OS Evolved	=21.2-r3-s2
Junos OS Evolved	=21.2-r3-s3
Junos OS Evolved	=21.2-r3-s4
Junos OS Evolved	=21.2-r3-s5
Junos OS Evolved	=21.2-r3-s6
Junos OS Evolved	=21.4
Junos OS Evolved	=21.4-r1
Junos OS Evolved	=21.4-r1-s1
Junos OS Evolved	=21.4-r1-s2
Junos OS Evolved	=21.4-r2
Junos OS Evolved	=21.4-r2-s1
Junos OS Evolved	=21.4-r2-s2
Junos OS Evolved	=21.4-r3
Junos OS Evolved	=21.4-r3-s1
Junos OS Evolved	=21.4-r3-s2
Junos OS Evolved	=21.4-r3-s3
Junos OS Evolved	=21.4-r3-s4
Junos OS Evolved	=21.4-r3-s5
Junos OS Evolved	=22.1
Junos OS Evolved	=22.1-r1
Junos OS Evolved	=22.1-r1-s1
Junos OS Evolved	=22.1-r1-s2
Junos OS Evolved	=22.1-r2
Junos OS Evolved	=22.1-r2-s1
Junos OS Evolved	=22.1-r2-s2
Junos OS Evolved	=22.1-r3
Junos OS Evolved	=22.1-r3-s1
Junos OS Evolved	=22.1-r3-s2
Junos OS Evolved	=22.1-r3-s3
Junos OS Evolved	=22.1-r3-s4
Junos OS Evolved	=22.2
Junos OS Evolved	=22.2-r1
Junos OS Evolved	=22.2-r1-s1
Junos OS Evolved	=22.2-r1-s2
Junos OS Evolved	=22.2-r2
Junos OS Evolved	=22.2-r2-s1
Junos OS Evolved	=22.2-r2-s2
Junos OS Evolved	=22.2-r3
Junos OS Evolved	=22.2-r3-s1
Junos OS Evolved	=22.2-r3-s2
Junos OS Evolved	=22.3
Junos OS Evolved	=22.3-r1
Junos OS Evolved	=22.3-r1-s1
Junos OS Evolved	=22.3-r1-s2
Junos OS Evolved	=22.3-r2
Junos OS Evolved	=22.3-r2-s1
Junos OS Evolved	=22.3-r2-s2
Junos OS Evolved	=22.3-r3
Junos OS Evolved	=22.3-r3-s1
Junos OS Evolved	=22.4
Junos OS Evolved	=22.4-r1
Junos OS Evolved	=22.4-r1-s1
Junos OS Evolved	=22.4-r1-s2
Junos OS Evolved	=22.4-r2
Junos OS Evolved	=22.4-r2-s1
Junos OS Evolved	=22.4-r2-s2
Junos OS Evolved	=23.2
Junos OS Evolved	=23.2-r1
Junos OS Evolved	=23.2-r1-s1
Juniper SRX4600
Juniper JUNOS	<21.2R3-S7<21.4R3-S6<22.1R3-S5<22.2R3-S3<22.3R3-S2<22.4R3<23.2R1-S2<23.2R2

Remedy

The following software releases have been updated to resolve this specific issue: 21.2R3-S7, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-30398?
CVE-2024-30398 has a severity rating indicating a potential for Denial of Service (DoS) attacks against affected systems.
How do I fix CVE-2024-30398?
To fix CVE-2024-30398, it is recommended to upgrade Junos OS to a patched version that addresses the vulnerability.
Which software versions are affected by CVE-2024-30398?
CVE-2024-30398 affects multiple versions of Junos OS including 21.2R3-S7, 21.4R3-S6, and others up to 23.2R2.
Can CVE-2024-30398 be exploited remotely?
Yes, CVE-2024-30398 can be exploited remotely by an unauthenticated network-based attacker.
What impact does CVE-2024-30398 have on Juniper Networks devices?
CVE-2024-30398 can lead to a Denial of Service (DoS) condition, affecting the availability of Juniper Networks devices.

agent/title
agent/weakness
agent/first-publish-date
agent/type
collector/epss-latest
source/FIRST
agent/epss
agent/author
agent/remedy
agent/references
agent/description
collector/mitre-cve
source/MITRE
agent/source
agent/last-modified-date
agent/severity
agent/event
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/nvd-api
source/NVD
vendor/juniper networks
canonical/juniper junos
vendor/juniper
canonical/junos os evolved
version/junos os evolved/21.2
version/junos os evolved/21.2-r1
version/junos os evolved/21.2-r1-s1
version/junos os evolved/21.2-r1-s2
version/junos os evolved/21.2-r2
version/junos os evolved/21.2-r2-s1
version/junos os evolved/21.2-r2-s2
version/junos os evolved/21.2-r3
version/junos os evolved/21.2-r3-s1
version/junos os evolved/21.2-r3-s2
version/junos os evolved/21.2-r3-s3
version/junos os evolved/21.2-r3-s4
version/junos os evolved/21.2-r3-s5
version/junos os evolved/21.2-r3-s6
version/junos os evolved/21.4
version/junos os evolved/21.4-r1
version/junos os evolved/21.4-r1-s1
version/junos os evolved/21.4-r1-s2
version/junos os evolved/21.4-r2
version/junos os evolved/21.4-r2-s1
version/junos os evolved/21.4-r2-s2
version/junos os evolved/21.4-r3
version/junos os evolved/21.4-r3-s1
version/junos os evolved/21.4-r3-s2
version/junos os evolved/21.4-r3-s3
version/junos os evolved/21.4-r3-s4
version/junos os evolved/21.4-r3-s5
version/junos os evolved/22.1
version/junos os evolved/22.1-r1
version/junos os evolved/22.1-r1-s1
version/junos os evolved/22.1-r1-s2
version/junos os evolved/22.1-r2
version/junos os evolved/22.1-r2-s1
version/junos os evolved/22.1-r2-s2
version/junos os evolved/22.1-r3
version/junos os evolved/22.1-r3-s1
version/junos os evolved/22.1-r3-s2
version/junos os evolved/22.1-r3-s3
version/junos os evolved/22.1-r3-s4
version/junos os evolved/22.2
version/junos os evolved/22.2-r1
version/junos os evolved/22.2-r1-s1
version/junos os evolved/22.2-r1-s2
version/junos os evolved/22.2-r2
version/junos os evolved/22.2-r2-s1
version/junos os evolved/22.2-r2-s2
version/junos os evolved/22.2-r3
version/junos os evolved/22.2-r3-s1
version/junos os evolved/22.2-r3-s2
version/junos os evolved/22.3
version/junos os evolved/22.3-r1
version/junos os evolved/22.3-r1-s1
version/junos os evolved/22.3-r1-s2
version/junos os evolved/22.3-r2
version/junos os evolved/22.3-r2-s1
version/junos os evolved/22.3-r2-s2
version/junos os evolved/22.3-r3
version/junos os evolved/22.3-r3-s1
version/junos os evolved/22.4
version/junos os evolved/22.4-r1
version/junos os evolved/22.4-r1-s1
version/junos os evolved/22.4-r1-s2
version/junos os evolved/22.4-r2
version/junos os evolved/22.4-r2-s1
version/junos os evolved/22.4-r2-s2
version/junos os evolved/23.2
version/junos os evolved/23.2-r1
version/junos os evolved/23.2-r1-s1
canonical/juniper srx4600