Double-Free Vulnerability in Juniper Networks Junos OS Routing Daemon
CVE-2024-39564

8.7HIGH

Key Information:

Vendor: Juniper Networks
Status: Junos Os; Junos Os Evolved
Vendor: CVE Published:; 5 February 2025

Badges

👾 Exploit Exists

Summary

A double-free vulnerability in the routing process daemon (rpd) of Juniper Networks' Junos OS and Junos OS Evolved permits an attacker to send a malformed BGP Path attribute update. This action allocates memory to log the erroneous path attribute. The resulting double free of memory can cause the rpd to crash, leading to a Denial of Service (DoS). The affected versions include Junos OS and Junos OS Evolved from 22.4 before 22.4R3-S4.

Affected Version(s)

Junos OS 22.4 < 22.4R3-S4

Junos OS Evolved 22.4 < 22.4R3-S3-EVO

References

https://supportportal.juniper.net/JSA83011

vendor-advisory

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Feb 5, 2025
Vulnerability published
Feb 5, 2025
Vulnerability Reserved
Jun 25, 2024

Credit

Juniper SIRT would like to acknowledge and thank Craig Dods ([email protected]) from Meta for responsibly reporting this vulnerability.