high
8.7
CWE
401
Advisory Published
Updated

CVE-2024-39549: Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak

First published: Thu Jul 11 2024(Updated: )

A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not properly freed in all circumstances, leading to a Denial of Service (DoS). Consumed memory can be freed by manually restarting Routing Protocol Daemon (rpd). Memory utilization could be monitored by:  user@host> show system memory or show system monitor memory status This issue affects: Junos OS:  * All versions before 21.2R3-S8,  * from 21.4 before 21.4R3-S8, * from 22.2 before 22.2R3-S4,  * from 22.3 before 22.3R3-S3,  * from 22.4 before 22.4R3-S3, * from 23.2 before 23.2R2-S1,  * from 23.4 before 23.4R1-S2, 23.4R2. Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * from 21.4 before 21.4R3-S8-EVO, * from 22.2 before 22.2R3-S4-EVO, * from 22.3 before 22.3R3-S3-EVO, * from 22.4 before 22.4R3-S3-EVO, * from 23.2 before 23.2R2-S1-EVO, * from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Juniper JUNOS<=21.1
Juniper JUNOS=21.2
Juniper JUNOS=21.2-r1
Juniper JUNOS=21.2-r1-s1
Juniper JUNOS=21.2-r1-s2
Juniper JUNOS=21.2-r2
Juniper JUNOS=21.2-r2-s1
Juniper JUNOS=21.2-r2-s2
Juniper JUNOS=21.2-r3
Juniper JUNOS=21.2-r3-s1
Juniper JUNOS=21.2-r3-s2
Juniper JUNOS=21.2-r3-s3
Juniper JUNOS=21.2-r3-s4
Juniper JUNOS=21.2-r3-s5
Juniper JUNOS=21.2-r3-s6
Juniper JUNOS=21.2-r3-s7
Juniper JUNOS=21.4
Juniper JUNOS=21.4-r1
Juniper JUNOS=21.4-r1-s1
Juniper JUNOS=21.4-r1-s2
Juniper JUNOS=21.4-r2
Juniper JUNOS=21.4-r2-s1
Juniper JUNOS=21.4-r2-s2
Juniper JUNOS=21.4-r3
Juniper JUNOS=21.4-r3-s1
Juniper JUNOS=21.4-r3-s2
Juniper JUNOS=21.4-r3-s3
Juniper JUNOS=21.4-r3-s4
Juniper JUNOS=21.4-r3-s5
Juniper JUNOS=21.4-r3-s6
Juniper JUNOS=21.4-r3-s7
Juniper JUNOS=22.2
Juniper JUNOS=22.2-r1
Juniper JUNOS=22.2-r1-s1
Juniper JUNOS=22.2-r1-s2
Juniper JUNOS=22.2-r2
Juniper JUNOS=22.2-r2-s1
Juniper JUNOS=22.2-r2-s2
Juniper JUNOS=22.2-r3
Juniper JUNOS=22.2-r3-s1
Juniper JUNOS=22.2-r3-s2
Juniper JUNOS=22.2-r3-s3
Juniper JUNOS=22.3
Juniper JUNOS=22.3-r1
Juniper JUNOS=22.3-r1-s1
Juniper JUNOS=22.3-r1-s2
Juniper JUNOS=22.3-r2
Juniper JUNOS=22.3-r2-s1
Juniper JUNOS=22.3-r2-s2
Juniper JUNOS=22.3-r3
Juniper JUNOS=22.3-r3-s1
Juniper JUNOS=22.3-r3-s2
Juniper JUNOS=22.4
Juniper JUNOS=22.4-r1
Juniper JUNOS=22.4-r1-s1
Juniper JUNOS=22.4-r1-s2
Juniper JUNOS=22.4-r2
Juniper JUNOS=22.4-r2-s1
Juniper JUNOS=22.4-r2-s2
Juniper JUNOS=22.4-r3
Juniper JUNOS=22.4-r3-s1
Juniper JUNOS=22.4-r3-s2
Juniper JUNOS=23.2
Juniper JUNOS=23.2-r1
Juniper JUNOS=23.2-r1-s1
Juniper JUNOS=23.2-r1-s2
Juniper JUNOS=23.2-r2
Juniper JUNOS=23.4
Juniper JUNOS=23.4-r1
Juniper JUNOS=23.4-r1-s1
Juniper JUNOS=24.2
Juniper JUNOS=24.2-r1
Juniper Networks Junos OS Evolved<=21.1
Juniper Networks Junos OS Evolved=21.2
Juniper Networks Junos OS Evolved=21.2-r1
Juniper Networks Junos OS Evolved=21.2-r1-s1
Juniper Networks Junos OS Evolved=21.2-r1-s2
Juniper Networks Junos OS Evolved=21.2-r2
Juniper Networks Junos OS Evolved=21.2-r2-s1
Juniper Networks Junos OS Evolved=21.2-r2-s2
Juniper Networks Junos OS Evolved=21.2-r3
Juniper Networks Junos OS Evolved=21.2-r3-s1
Juniper Networks Junos OS Evolved=21.2-r3-s2
Juniper Networks Junos OS Evolved=21.2-r3-s3
Juniper Networks Junos OS Evolved=21.2-r3-s4
Juniper Networks Junos OS Evolved=21.2-r3-s5
Juniper Networks Junos OS Evolved=21.2-r3-s6
Juniper Networks Junos OS Evolved=21.2-r3-s7
Juniper Networks Junos OS Evolved=21.4
Juniper Networks Junos OS Evolved=21.4-r1
Juniper Networks Junos OS Evolved=21.4-r1-s1
Juniper Networks Junos OS Evolved=21.4-r1-s2
Juniper Networks Junos OS Evolved=21.4-r2
Juniper Networks Junos OS Evolved=21.4-r2-s1
Juniper Networks Junos OS Evolved=21.4-r2-s2
Juniper Networks Junos OS Evolved=21.4-r3
Juniper Networks Junos OS Evolved=21.4-r3-s1
Juniper Networks Junos OS Evolved=21.4-r3-s2
Juniper Networks Junos OS Evolved=21.4-r3-s3
Juniper Networks Junos OS Evolved=21.4-r3-s4
Juniper Networks Junos OS Evolved=21.4-r3-s5
Juniper Networks Junos OS Evolved=21.4-r3-s6
Juniper Networks Junos OS Evolved=21.4-r3-s7
Juniper Networks Junos OS Evolved=22.2
Juniper Networks Junos OS Evolved=22.2-r1
Juniper Networks Junos OS Evolved=22.2-r1-s1
Juniper Networks Junos OS Evolved=22.2-r1-s2
Juniper Networks Junos OS Evolved=22.2-r2
Juniper Networks Junos OS Evolved=22.2-r2-s1
Juniper Networks Junos OS Evolved=22.2-r2-s2
Juniper Networks Junos OS Evolved=22.2-r3
Juniper Networks Junos OS Evolved=22.2-r3-s1
Juniper Networks Junos OS Evolved=22.2-r3-s2
Juniper Networks Junos OS Evolved=22.2-r3-s3
Juniper Networks Junos OS Evolved=22.3
Juniper Networks Junos OS Evolved=22.3-r1
Juniper Networks Junos OS Evolved=22.3-r1-s1
Juniper Networks Junos OS Evolved=22.3-r1-s2
Juniper Networks Junos OS Evolved=22.3-r2
Juniper Networks Junos OS Evolved=22.3-r2-s1
Juniper Networks Junos OS Evolved=22.3-r2-s2
Juniper Networks Junos OS Evolved=22.3-r3
Juniper Networks Junos OS Evolved=22.3-r3-s1
Juniper Networks Junos OS Evolved=22.3-r3-s2
Juniper Networks Junos OS Evolved=22.4
Juniper Networks Junos OS Evolved=22.4-r1
Juniper Networks Junos OS Evolved=22.4-r1-s1
Juniper Networks Junos OS Evolved=22.4-r1-s2
Juniper Networks Junos OS Evolved=22.4-r2
Juniper Networks Junos OS Evolved=22.4-r2-s1
Juniper Networks Junos OS Evolved=22.4-r2-s2
Juniper Networks Junos OS Evolved=22.4-r3
Juniper Networks Junos OS Evolved=22.4-r3-s1
Juniper Networks Junos OS Evolved=22.4-r3-s2
Juniper Networks Junos OS Evolved=23.2
Juniper Networks Junos OS Evolved=23.2-r1
Juniper Networks Junos OS Evolved=23.2-r1-s1
Juniper Networks Junos OS Evolved=23.2-r1-s2
Juniper Networks Junos OS Evolved=23.2-r2
Juniper Networks Junos OS Evolved=23.4
Juniper Networks Junos OS Evolved=23.4-r1
Juniper Networks Junos OS Evolved=23.4-r1-s1
Juniper Networks Junos OS Evolved=24.2
Juniper Networks Junos OS Evolved=24.2-r1

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS: 21.2R3-S8, 21.4R3-S8, 22.2R3-S4, 22.3R3-S3, 22.4R3-S3, 23.2R2-S1, 23.4R1-S2, 23.4R2, 24.2R1, and all subsequent releases. Junos OS Evolved: 21.2R3-S8-EVO, 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S3-EVO, 23.2R2-S1-EVO, 23.4R1-S2-EVO, 23.4R2-EVO, 24.2R1-EVO and all subsequent releases.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-39549?

    The severity of CVE-2024-39549 is classified as high due to the potential for exploitation resulting in memory allocation issues.

  • How do I fix CVE-2024-39549?

    To fix CVE-2024-39549, upgrade to the patched versions of Junos OS provided by Juniper Networks.

  • Which versions are affected by CVE-2024-39549?

    CVE-2024-39549 affects Junos OS versions up to 21.1 and specific versions from 21.2 to 24.2.

  • What is the impact of CVE-2024-39549?

    The impact of CVE-2024-39549 includes potential denial of service due to excessive memory consumption during BGP Path attribute updates.

  • Is CVE-2024-39549 specific to any software?

    Yes, CVE-2024-39549 specifically affects the routing process daemon (rpd) in Juniper Networks Junos OS and Junos OS Evolved.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203