VYPR
Unrated severityNVD Advisory· Published Apr 12, 2024· Updated Aug 2, 2024

Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription

CVE-2024-30402

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).

When telemetry requests are sent to the device, and the Dynamic Rendering Daemon (drend) is suspended, the l2ald crashes and restarts due to factors outside the attackers control. Repeated occurrences of these events causes a sustained DoS condition.

This issue affects: Junos OS: * All versions earlier than 20.4R3-S10; * 21.2 versions earlier than 21.2R3-S7; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3-S4; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S1; * 22.4 versions earlier than 22.4R3; * 23.2 versions earlier than 23.2R1-S2, 23.2R2.

Junos OS Evolved:

  • All versions earlier than 21.4R3-S5-EVO;
  • 22.1-EVO versions earlier than 22.1R3-S4-EVO;
  • 22.2-EVO versions earlier than 22.2R3-S3-EVO;
  • 22.3-EVO versions earlier than 22.3R3-S1-EVO;
  • 22.4-EVO versions earlier than 22.4R3-EVO;
  • 23.2-EVO versions earlier than 23.2R2-EVO.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • <21.4R3-S5-EVO, 22.1-EVO<22.1R3-S4-EVO, 22.2-EVO<22.2R3-S3-EVO, 22.3-EVO<22.3R3-S1-EVO, 22.4-EVO<22.4R3-EVO, 23.2-EVO<23.2R2-EVO+ 1 more
    • (no CPE)range: <21.4R3-S5-EVO, 22.1-EVO<22.1R3-S4-EVO, 22.2-EVO<22.2R3-S3-EVO, 22.3-EVO<22.3R3-S1-EVO, 22.4-EVO<22.4R3-EVO, 23.2-EVO<23.2R2-EVO
    • (no CPE)range: 21.4-EVO
  • Range: <20.4R3-S10, 21.2<21.2R3-S7, 21.4<21.4R3-S5, 22.1<22.1R3-S4, 22.2<22.2R3-S, 22.3<22.3R3-S1, 22.4<22.4R3, 23.2<23.2R1-S2, 23.2R2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.