VYPR
Unrated severityNVD Advisory· Published Jan 12, 2024· Updated Nov 14, 2024

Junos OS: SRX Series: Due to an error in processing TCP events flowd will crash

CVE-2024-21601

Description

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (Dos).

On SRX Series devices when two different threads try to simultaneously process a queue which is used for TCP events flowd will crash. One of these threads can not be triggered externally, so the exploitation of this race condition is outside the attackers direct control.

Continued exploitation of this issue will lead to a sustained DoS.

This issue affects Juniper Networks Junos OS:

  • 21.2 versions earlier than 21.2R3-S5;
  • 21.3 versions earlier than 21.3R3-S5;
  • 21.4 versions earlier than 21.4R3-S4;
  • 22.1 versions earlier than 22.1R3-S3;
  • 22.2 versions earlier than 22.2R3-S1;
  • 22.3 versions earlier than 22.3R2-S2, 22.3R3;
  • 22.4 versions earlier than 22.4R2-S1, 22.4R3.

This issue does not affect Juniper Networks Junos OS versions earlier than 21.2R1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    >=21.2, <22.4R2-S1, <22.4R3, <22.3R2-S2, <22.3R3, <22.2R3-S1, <22.1R3-S3, <21.4R3-S4, <21.3R3-S5, <21.2R3-S5+ 1 more
    • (no CPE)range: >=21.2, <22.4R2-S1, <22.4R3, <22.3R2-S2, <22.3R3, <22.2R3-S1, <22.1R3-S3, <21.4R3-S4, <21.3R3-S5, <21.2R3-S5
    • (no CPE)range: 21.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.