Unrated severityNVD Advisory· Published Jul 11, 2024· Updated Aug 2, 2024
Junos OS Evolved: ACX 7000 Series: When specific traffic is received in a VPLS scenario evo-pfemand crashes
CVE-2024-39535
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service (DoS).
When a device has a Layer 3 or an IRB interface configured in a VPLS instance and specific traffic is received, the evo-pfemand processes crashes which causes a service outage for the respective FPC until the system is recovered manually.
This issue only affects Junos OS Evolved 22.4R2-S1 and 22.4R2-S2 releases and is fixed in 22.4R3. No other releases are affected.
Affected products
222.4R2-S1, 22.4R2-S2+ 1 more
- (no CPE)range: 22.4R2-S1, 22.4R2-S2
- (no CPE)range: 22.4R2-S1-EVO
Patches
Vulnerability mechanics
References
1- supportportal.juniper.net/JSA82995mitrevendor-advisory
News mentions
0No linked articles in our index yet.