Main Vulnerability Database SB2024011071

SB2024011071 - Double free in Juniper Junos OS

Published: January 10, 2024

Security Bulletin ID SB2024011071

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Double free (CVE-ID: CVE-2024-21606)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to double free error in the flow processing daemon (flowd). A remote non-authenticated attacker can cause a Denial of Service (DoS).

In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets is received, a flowd crash and restart will be observed.

Remediation

Install update from vendor's website.

References

https://supportportal.juniper.net/s/article/2024-01-Security-Bulletin-Junos-OS-SRX-Series-flowd-will-crash-when-tcp-encap-is-enabled-and-specific-packets-are-received-CVE-2024-21606