Allocation of resources without limits or throttling in Junos OS Evolved



Risk: Medium
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2024-47502
CWE-ID: CWE-770
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Junos OS Evolved (Operating systems & Components / Operating system)
Vendor: Juniper Networks, Inc.

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Allocation of resources without limits or throttling

EUVDB-ID: #VU98352

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-47502

CWE-ID: CWE-770 - Allocation of Resources Without Limits or Throttling

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the kernel allocates resources without limits or throttling. A remote non-authenticated attacker can cause a denial of service (DoS).

In specific cases, the state of terminated TCP sessions is not cleared, which over time leads to an exhaustion of resources and prevents new connections to the control plane from being established.

A continuously increasing number of connections shown by:

user@host > show system connections

is indicative of the problem.
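One way to automate the check described above, as an added example that is not from Juniper or the original advisory: it compares periodic captures of `show system connections` and flags a connection count that never drops across consecutive samples. The row format (lines beginning with `tcp`, state in the last column), the thresholds and the sample snapshots are assumptions constructed for illustration.

```python
from collections import Counter

def count_tcp_by_state(snapshot_text):
    """Count TCP rows in one snapshot, keyed by the last column (state)."""
    counts = Counter()
    for line in snapshot_text.splitlines():
        fields = line.split()
        # Assumption: TCP rows start with "tcp" and end with the state column.
        if len(fields) > 1 and fields[0].startswith("tcp"):
            counts[fields[-1]] += 1
    return counts

def sustained_growth(series, min_samples=4, min_increase=2):
    """True if the last min_samples values never drop and rise by min_increase."""
    if len(series) < min_samples:
        return False
    window = series[-min_samples:]
    never_drops = all(b >= a for a, b in zip(window, window[1:]))
    return never_drops and window[-1] - window[0] >= min_increase

def assess(snapshots, **thresholds):
    """Evaluate periodic snapshots (oldest first) for the advisory's indicator."""
    per_state = [count_tcp_by_state(s) for s in snapshots]
    totals = [sum(c.values()) for c in per_state]
    states = set().union(*per_state)
    growing = sorted(s for s in states
                     if sustained_growth([c[s] for c in per_state], **thresholds))
    return {"totals": totals,
            "alert": sustained_growth(totals, **thresholds),
            "growing_states": growing}

def constructed_snapshot(established, lingering):
    """Build sample output. Constructed data; CLOSE_WAIT is an arbitrary choice,
    the advisory does not say which state the uncleared sessions show."""
    rows = ["Proto Recv-Q Send-Q Local Address Foreign Address State"]
    rows += [f"tcp 0 0 192.0.2.1:22 198.51.100.{i}:5{i:04d} ESTABLISHED"
             for i in range(established)]
    rows += [f"tcp 0 0 192.0.2.1:179 203.0.113.{i}:4{i:04d} CLOSE_WAIT"
             for i in range(lingering)]
    return "\n".join(rows)

LEAKING = [constructed_snapshot(3, n) for n in (1, 2, 4, 5, 7)]
HEALTHY = [constructed_snapshot(3, n) for n in (2, 1, 3, 1, 2)]

if __name__ == "__main__":
    print(assess(LEAKING))
    print(assess(HEALTHY))
```

Reporting the growing state alongside the total helps separate lingering session state from a legitimate rise in established sessions.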

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

Junos OS Evolved: 21.4R1-EVO - 23.2R2-EVO

External links

https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-TCP-session-state-is-not-always-cleared-on-the-Routing-Engine-CVE-2024-47502


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


