8.7

CVE-2024-39564

Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to RPD crash

This is a similar, but different vulnerability than the issue reported as CVE-2024-39549.

A double-free vulnerability in the routing process daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This double free of memory is causing an rpd crash, leading to a Denial of Service (DoS).


This issue affects:

Junos OS:   *  from 22.4 before 22.4R3-S4.


Junos OS Evolved:  *  from 22.4 before 22.4R3-S4-EVO.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
JuniperJunos Version < 21.2
JuniperJunos Version21.2 Update-
JuniperJunos Version21.2 Updater1
JuniperJunos Version21.2 Updater1-s1
JuniperJunos Version21.2 Updater1-s2
JuniperJunos Version21.2 Updater2
JuniperJunos Version21.2 Updater2-s1
JuniperJunos Version21.2 Updater2-s2
JuniperJunos Version21.2 Updater3
JuniperJunos Version21.2 Updater3-s1
JuniperJunos Version21.2 Updater3-s2
JuniperJunos Version21.2 Updater3-s3
JuniperJunos Version21.2 Updater3-s4
JuniperJunos Version21.2 Updater3-s5
JuniperJunos Version21.2 Updater3-s6
JuniperJunos Version21.2 Updater3-s7
JuniperJunos Version21.4 Update-
JuniperJunos Version21.4 Updater1
JuniperJunos Version21.4 Updater1-s1
JuniperJunos Version21.4 Updater1-s2
JuniperJunos Version21.4 Updater2
JuniperJunos Version21.4 Updater2-s1
JuniperJunos Version21.4 Updater2-s2
JuniperJunos Version21.4 Updater3
JuniperJunos Version21.4 Updater3-s1
JuniperJunos Version21.4 Updater3-s2
JuniperJunos Version21.4 Updater3-s3
JuniperJunos Version21.4 Updater3-s4
JuniperJunos Version21.4 Updater3-s5
JuniperJunos Version21.4 Updater3-s6
JuniperJunos Version21.4 Updater3-s7
JuniperJunos Version22.2 Update-
JuniperJunos Version22.2 Updater1
JuniperJunos Version22.2 Updater1-s1
JuniperJunos Version22.2 Updater1-s2
JuniperJunos Version22.2 Updater2
JuniperJunos Version22.2 Updater2-s1
JuniperJunos Version22.2 Updater2-s2
JuniperJunos Version22.2 Updater3
JuniperJunos Version22.2 Updater3-s1
JuniperJunos Version22.2 Updater3-s2
JuniperJunos Version22.2 Updater3-s3
JuniperJunos Version22.2 Updater3-s4
JuniperJunos Version22.3 Update-
JuniperJunos Version22.3 Updater1
JuniperJunos Version22.3 Updater1-s1
JuniperJunos Version22.3 Updater1-s2
JuniperJunos Version22.3 Updater2
JuniperJunos Version22.3 Updater2-s1
JuniperJunos Version22.3 Updater2-s2
JuniperJunos Version22.3 Updater3
JuniperJunos Version22.3 Updater3-s1
JuniperJunos Version22.3 Updater3-s2
JuniperJunos Version22.3 Updater3-s3
JuniperJunos Version22.4 Update-
JuniperJunos Version22.4 Updater1
JuniperJunos Version22.4 Updater1-s1
JuniperJunos Version22.4 Updater1-s2
JuniperJunos Version22.4 Updater2
JuniperJunos Version22.4 Updater2-s1
JuniperJunos Version22.4 Updater2-s2
JuniperJunos Version22.4 Updater3
JuniperJunos Version22.4 Updater3-s1
JuniperJunos Version22.4 Updater3-s2
JuniperJunos Version22.4 Updater3-s3
JuniperJunos Version23.2 Update-
JuniperJunos Version23.2 Updater1
JuniperJunos Version23.2 Updater1-s1
JuniperJunos Version23.2 Updater1-s2
JuniperJunos Version23.2 Updater2
JuniperJunos Version23.4 Update-
JuniperJunos Version23.4 Updater1
JuniperJunos Version23.4 Updater1-s1
JuniperJunos Version23.4 Updater2
JuniperJunos Os Evolved Version < 21.2
JuniperJunos Os Evolved Version21.2 Update-
JuniperJunos Os Evolved Version21.2 Updater1
JuniperJunos Os Evolved Version21.2 Updater1-s1
JuniperJunos Os Evolved Version21.2 Updater1-s2
JuniperJunos Os Evolved Version21.2 Updater2
JuniperJunos Os Evolved Version21.2 Updater2-s1
JuniperJunos Os Evolved Version21.2 Updater2-s2
JuniperJunos Os Evolved Version21.2 Updater3
JuniperJunos Os Evolved Version21.2 Updater3-s1
JuniperJunos Os Evolved Version21.2 Updater3-s2
JuniperJunos Os Evolved Version21.2 Updater3-s3
JuniperJunos Os Evolved Version21.2 Updater3-s4
JuniperJunos Os Evolved Version21.2 Updater3-s5
JuniperJunos Os Evolved Version21.2 Updater3-s6
JuniperJunos Os Evolved Version21.2 Updater3-s7
JuniperJunos Os Evolved Version21.4 Update-
JuniperJunos Os Evolved Version21.4 Updater1
JuniperJunos Os Evolved Version21.4 Updater1-s1
JuniperJunos Os Evolved Version21.4 Updater1-s2
JuniperJunos Os Evolved Version21.4 Updater2
JuniperJunos Os Evolved Version21.4 Updater2-s1
JuniperJunos Os Evolved Version21.4 Updater2-s2
JuniperJunos Os Evolved Version21.4 Updater3
JuniperJunos Os Evolved Version21.4 Updater3-s1
JuniperJunos Os Evolved Version21.4 Updater3-s2
JuniperJunos Os Evolved Version21.4 Updater3-s3
JuniperJunos Os Evolved Version21.4 Updater3-s4
JuniperJunos Os Evolved Version21.4 Updater3-s5
JuniperJunos Os Evolved Version21.4 Updater3-s6
JuniperJunos Os Evolved Version21.4 Updater3-s7
JuniperJunos Os Evolved Version22.2 Update-
JuniperJunos Os Evolved Version22.2 Updater1
JuniperJunos Os Evolved Version22.2 Updater1-s1
JuniperJunos Os Evolved Version22.2 Updater1-s2
JuniperJunos Os Evolved Version22.2 Updater2
JuniperJunos Os Evolved Version22.2 Updater2-s1
JuniperJunos Os Evolved Version22.2 Updater2-s2
JuniperJunos Os Evolved Version22.2 Updater3
JuniperJunos Os Evolved Version22.2 Updater3-s1
JuniperJunos Os Evolved Version22.2 Updater3-s2
JuniperJunos Os Evolved Version22.2 Updater3-s3
JuniperJunos Os Evolved Version22.2 Updater3-s4
JuniperJunos Os Evolved Version22.3 Update-
JuniperJunos Os Evolved Version22.3 Updater1
JuniperJunos Os Evolved Version22.3 Updater1-s1
JuniperJunos Os Evolved Version22.3 Updater1-s2
JuniperJunos Os Evolved Version22.3 Updater2
JuniperJunos Os Evolved Version22.3 Updater2-s1
JuniperJunos Os Evolved Version22.3 Updater2-s2
JuniperJunos Os Evolved Version22.3 Updater3
JuniperJunos Os Evolved Version22.3 Updater3-s1
JuniperJunos Os Evolved Version22.3 Updater3-s2
JuniperJunos Os Evolved Version22.3 Updater3-s3
JuniperJunos Os Evolved Version22.4 Update-
JuniperJunos Os Evolved Version22.4 Updater1
JuniperJunos Os Evolved Version22.4 Updater1-s1
JuniperJunos Os Evolved Version22.4 Updater1-s2
JuniperJunos Os Evolved Version22.4 Updater2
JuniperJunos Os Evolved Version22.4 Updater2-s1
JuniperJunos Os Evolved Version22.4 Updater2-s2
JuniperJunos Os Evolved Version22.4 Updater3
JuniperJunos Os Evolved Version22.4 Updater3-s1
JuniperJunos Os Evolved Version22.4 Updater3-s2
JuniperJunos Os Evolved Version22.4 Updater3-s3
JuniperJunos Os Evolved Version23.2 Update-
JuniperJunos Os Evolved Version23.2 Updater1
JuniperJunos Os Evolved Version23.2 Updater1-s1
JuniperJunos Os Evolved Version23.2 Updater1-s2
JuniperJunos Os Evolved Version23.2 Updater2
JuniperJunos Os Evolved Version23.4 Update-
JuniperJunos Os Evolved Version23.4 Updater1
JuniperJunos Os Evolved Version23.4 Updater1-s1
JuniperJunos Os Evolved Version23.4 Updater2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.564
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
sirt@juniper.net 8.7 0 0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:U/V:X/RE:X/U:X
sirt@juniper.net 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.