Published: January 16, 2024

Overview

Juniper Networks has released security updates to address a vulnerability affecting Juniper Junos OS and Junos OS Evolved. A remote cyber threat actor could exploit this vulnerability (CVE-2024-21611) to cause a denial-of-service condition if it is not addressed.  

Impact

A vulnerability known as ‘Missing Release of Memory after Effective Lifetime’ in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).

Applicable Versions

Affected VersionUpdated Version
Junos OS  
21.4 versions earlier than 21.4R3; 
22.1 versions earlier than 22.1R3; 
22.2 versions earlier than 22.2R3. 		Junos OS: 21.4R3, 22.1R3, 22.2R3, 22.3R1, and all subsequent releases. 
Junos OS Evolved 
21.4-EVO versions earlier than 21.4R3-EVO; 
22.1-EVO versions earlier than 22.1R3-EVO; 
22.2-EVO versions earlier than 22.2R3-EVO. 		Junos OS Evolved: 21.4R3-EVO, 22.1R3-EVO, 22.2R3-EVO, 22.3R1-EVO, and all subsequent releases. 

Mitigations and Workarounds

Upgrade Junos OS and Junos OS Evolved to the following software releases, which have resolved this issue:

  • Junos OS: 21.4R3, 22.1R3, 22.2R3, 22.3R1, and all subsequent releases.
  • Junos OS Evolved: 21.4R3-EVO, 22.1R3-EVO, 22.2R3-EVO, 22.3R1-EVO, and all subsequent releases.

As a workaround, Juniper recommends proactively monitoring the memory utilization of the affected systems. When it reaches 85% of the total RE memory, restart ‘rpd’ or reboot the system.

Best Practices

Run a vulnerability scanner to detect the presence of vulnerabilities, ensuring that the scanner has the feature to detect the specific vulnerability. Additionally, update the OS version to the recommended version and proactively monitor memory utilization.

Netsurion Detection and Response

Netsurion researchers are continuously monitoring the exploits of this vulnerability. Netsurion’s vulnerability management system will detect the vulnerability CVE-2024-21611 for customers who have subscribed to Netsurion Vulnerability Management.

References:

  1. https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved 
  2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21611 
  3. https://nvd.nist.gov/vuln/detail/CVE-2024-21611 
  4. https://www.rapid7.com/db/vulnerabilities/juniper-junos-os-jsa75752/ 
Cybersecurity Updates
Latest Advisory Alerts

Palo Alto PAN-OS Command Injection Vulnerability

D-Link NAS Command Injection Vulnerability

VMware ESXi, Workstation, and Fusion Vulnerabilities

Latest Data Source Integrations

AWS Key Management Service (KMS)

Have I Been Pwned

SentinelOne

Latest Enhancements

Netsurion Open XDR Now Supports PCI DSS 4.0

Extended Data Source Integrations and Alerts Released for Essentials

Enriched Application Control in Open XDR 9.4