CVE-2024-39525: Junos OS and Junos OS Evolved: When BGP traceoptions is enabled, receipt of specially crafted BGP packet causes RPD crash
First published: Wed Oct 09 2024(Updated: )
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specific BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects systems with BGP traceoptions enabled and requires a BGP session to be already established. Systems without BGP traceoptions enabled are not affected by this issue. This issue affects iBGP and eBGP, and both IPv4 and IPv6 are affected by this vulnerability. This issue affects: Junos OS: * All versions before 21.2R3-S8, * from 21.4 before 21.4R3-S8, * from 22.2 before 22.2R3-S4, * from 22.3 before 22.3R3-S4, * from 22.4 before 22.4R3-S3, * from 23.2 before 23.2R2-S1, * from 23.4 before 23.4R2; Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * from 21.4-EVO before 21.4R3-S8-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S4-EVO, * from 22.4-EVO before 22.4R3-S3-EVO, * from 23.2-EVO before 23.2R2-S1-EVO, * from 23.4-EVO before 23.4R2-EVO.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Junos | <21.2R3-S8>=undefined>=undefined>=undefined>=undefined>=undefined>=undefined | |
| Juniper Networks Junos OS | <21.2R3-S8-EVO>=undefined>=undefined>=undefined>=undefined>=undefined>=undefined |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S4*, 22.4R3-S3, 23.2R2-S1, 23.4R2, 24.2R1, and all subsequent releases. Junos OS Evolved 21.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S4-EVO*, 22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R2-EVO, 24.2R1-EVO, and all subsequent releases. *Future release
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-39525?
CVE-2024-39525 is classified as a Denial of Service vulnerability affecting Juniper Networks' routing protocol daemon.
How do I fix CVE-2024-39525?
To address CVE-2024-39525, upgrade to the latest version of Junos OS or Junos OS Evolved that is not vulnerable.
Who is affected by CVE-2024-39525?
CVE-2024-39525 affects unauthenticated users on systems running vulnerable versions of Junos OS and Junos OS Evolved.
What type of attack is associated with CVE-2024-39525?
CVE-2024-39525 allows an unauthenticated attacker to crash and restart the routing protocol daemon through a specific BGP packet.
When was CVE-2024-39525 reported?
CVE-2024-39525 was reported in 2024, specifically highlighting vulnerabilities in Juniper Networks products.
- agent/references
- agent/weakness
- agent/remedy
- agent/title
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/severity
- agent/event
- collector/nvd-api
- source/NVD
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/juniper networks
- canonical/juniper junos
- canonical/juniper networks junos os