CVE-2024-39550: Junos OS: MX Series with SPC3 line card: Port flaps causes rtlogd memory leak leading to Denial of Service
First published: Thu Jul 11 2024(Updated: )
A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause ( which can be done by repeated port flaps) to cause a slow memory leak, ultimately leading to a Denial of Service (DoS). Memory can only be recovered by manually restarting rtlogd process. The memory usage can be monitored using the below command. user@host> show system processes extensive | match rtlog This issue affects Junos OS on MX Series with SPC3 line card: * from 21.2R3 before 21.2R3-S8, * from 21.4R2 before 21.4R3-S6, * from 22.1 before 22.1R3-S5, * from 22.2 before 22.2R3-S3, * from 22.3 before 22.3R3-S2, * from 22.4 before 22.4R3-S1, * from 23.2 before 23.2R2, * from 23.4 before 23.4R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Junos OS Evolved | =21.2-r3 | |
| Junos OS Evolved | =21.2-r3-s1 | |
| Junos OS Evolved | =21.2-r3-s2 | |
| Junos OS Evolved | =21.2-r3-s3 | |
| Junos OS Evolved | =21.2-r3-s4 | |
| Junos OS Evolved | =21.2-r3-s5 | |
| Junos OS Evolved | =21.2-r3-s6 | |
| Junos OS Evolved | =21.2-r3-s7 | |
| Junos OS Evolved | =21.4-r2 | |
| Junos OS Evolved | =21.4-r2-s1 | |
| Junos OS Evolved | =21.4-r2-s2 | |
| Junos OS Evolved | =21.4-r3 | |
| Junos OS Evolved | =21.4-r3-s1 | |
| Junos OS Evolved | =21.4-r3-s2 | |
| Junos OS Evolved | =21.4-r3-s3 | |
| Junos OS Evolved | =21.4-r3-s4 | |
| Junos OS Evolved | =21.4-r3-s5 | |
| Junos OS Evolved | =22.1 | |
| Junos OS Evolved | =22.1-r1 | |
| Junos OS Evolved | =22.1-r1-s1 | |
| Junos OS Evolved | =22.1-r1-s2 | |
| Junos OS Evolved | =22.1-r2 | |
| Junos OS Evolved | =22.1-r2-s1 | |
| Junos OS Evolved | =22.1-r2-s2 | |
| Junos OS Evolved | =22.1-r3 | |
| Junos OS Evolved | =22.1-r3-s1 | |
| Junos OS Evolved | =22.1-r3-s2 | |
| Junos OS Evolved | =22.1-r3-s3 | |
| Junos OS Evolved | =22.1-r3-s4 | |
| Junos OS Evolved | =22.2 | |
| Junos OS Evolved | =22.2-r1 | |
| Junos OS Evolved | =22.2-r1-s1 | |
| Junos OS Evolved | =22.2-r1-s2 | |
| Junos OS Evolved | =22.2-r2 | |
| Junos OS Evolved | =22.2-r2-s1 | |
| Junos OS Evolved | =22.2-r2-s2 | |
| Junos OS Evolved | =22.2-r3 | |
| Junos OS Evolved | =22.2-r3-s1 | |
| Junos OS Evolved | =22.2-r3-s2 | |
| Junos OS Evolved | =22.3 | |
| Junos OS Evolved | =22.3-r1 | |
| Junos OS Evolved | =22.3-r1-s1 | |
| Junos OS Evolved | =22.3-r1-s2 | |
| Junos OS Evolved | =22.3-r2 | |
| Junos OS Evolved | =22.3-r2-s1 | |
| Junos OS Evolved | =22.3-r2-s2 | |
| Junos OS Evolved | =22.3-r3 | |
| Junos OS Evolved | =22.3-r3-s1 | |
| Junos OS Evolved | =22.4 | |
| Junos OS Evolved | =22.4-r1 | |
| Junos OS Evolved | =22.4-r1-s1 | |
| Junos OS Evolved | =22.4-r1-s2 | |
| Junos OS Evolved | =22.4-r2 | |
| Junos OS Evolved | =22.4-r2-s1 | |
| Junos OS Evolved | =22.4-r2-s2 | |
| Junos OS Evolved | =22.4-r3 | |
| Junos OS Evolved | =23.2 | |
| Junos OS Evolved | =23.2-r1 | |
| Junos OS Evolved | =23.2-r1-s1 | |
| Junos OS Evolved | =23.2-r1-s2 | |
| Junos OS Evolved | =23.4 | |
| Junos OS Evolved | =23.4-r1 | |
| Junos OS Evolved | =23.4-r1-s1 | |
| Junos OS Evolved | =23.4-r1-s2 | |
| Any of | ||
| Juniper MX240 | ||
| Juniper MX480 | ||
| Juniper MX960 | ||
| Juniper JUNOS | >21.2R3<21.2R3-S8>21.4R2<21.4R3-S6>22.1<22.1R3-S5>22.2<22.2R3-S3>22.3<22.3R3-S2>22.4<22.4R3-S1>23.2<23.2R2>23.4<23.4R2 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS: 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, 24.2R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-39550?
CVE-2024-39550 is considered a serious vulnerability due to its potential to be exploited by adjacent attackers without authentication.
How do I fix CVE-2024-39550?
To mitigate CVE-2024-39550, upgrade your Junos OS to a version that is not affected, following the latest security recommendations from Juniper Networks.
What is the impact of CVE-2024-39550?
CVE-2024-39550 allows an attacker to exploit memory management issues in the rtlogd process, potentially leading to service disruption.
Which versions of Junos OS are affected by CVE-2024-39550?
CVE-2024-39550 affects Junos OS versions between 21.2R3 and 23.4R2.
Who can exploit CVE-2024-39550?
CVE-2024-39550 can be exploited by unauthenticated adjacent attackers using techniques such as repeated port flaps.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- collector/nvd-api
- source/NVD
- vendor/juniper networks
- canonical/juniper junos
- vendor/juniper
- canonical/junos os evolved
- version/junos os evolved/21.2-r3
- version/junos os evolved/21.2-r3-s1
- version/junos os evolved/21.2-r3-s2
- version/junos os evolved/21.2-r3-s3
- version/junos os evolved/21.2-r3-s4
- version/junos os evolved/21.2-r3-s5
- version/junos os evolved/21.2-r3-s6
- version/junos os evolved/21.2-r3-s7
- version/junos os evolved/21.4-r2
- version/junos os evolved/21.4-r2-s1
- version/junos os evolved/21.4-r2-s2
- version/junos os evolved/21.4-r3
- version/junos os evolved/21.4-r3-s1
- version/junos os evolved/21.4-r3-s2
- version/junos os evolved/21.4-r3-s3
- version/junos os evolved/21.4-r3-s4
- version/junos os evolved/21.4-r3-s5
- version/junos os evolved/22.1
- version/junos os evolved/22.1-r1
- version/junos os evolved/22.1-r1-s1
- version/junos os evolved/22.1-r1-s2
- version/junos os evolved/22.1-r2
- version/junos os evolved/22.1-r2-s1
- version/junos os evolved/22.1-r2-s2
- version/junos os evolved/22.1-r3
- version/junos os evolved/22.1-r3-s1
- version/junos os evolved/22.1-r3-s2
- version/junos os evolved/22.1-r3-s3
- version/junos os evolved/22.1-r3-s4
- version/junos os evolved/22.2
- version/junos os evolved/22.2-r1
- version/junos os evolved/22.2-r1-s1
- version/junos os evolved/22.2-r1-s2
- version/junos os evolved/22.2-r2
- version/junos os evolved/22.2-r2-s1
- version/junos os evolved/22.2-r2-s2
- version/junos os evolved/22.2-r3
- version/junos os evolved/22.2-r3-s1
- version/junos os evolved/22.2-r3-s2
- version/junos os evolved/22.3
- version/junos os evolved/22.3-r1
- version/junos os evolved/22.3-r1-s1
- version/junos os evolved/22.3-r1-s2
- version/junos os evolved/22.3-r2
- version/junos os evolved/22.3-r2-s1
- version/junos os evolved/22.3-r2-s2
- version/junos os evolved/22.3-r3
- version/junos os evolved/22.3-r3-s1
- version/junos os evolved/22.4
- version/junos os evolved/22.4-r1
- version/junos os evolved/22.4-r1-s1
- version/junos os evolved/22.4-r1-s2
- version/junos os evolved/22.4-r2
- version/junos os evolved/22.4-r2-s1
- version/junos os evolved/22.4-r2-s2
- version/junos os evolved/22.4-r3
- version/junos os evolved/23.2
- version/junos os evolved/23.2-r1
- version/junos os evolved/23.2-r1-s1
- version/junos os evolved/23.2-r1-s2
- version/junos os evolved/23.4
- version/junos os evolved/23.4-r1
- version/junos os evolved/23.4-r1-s1
- version/junos os evolved/23.4-r1-s2
- canonical/juniper mx240
- canonical/juniper mx480
- canonical/juniper mx960