CVE-2024-39536 : A Missing Release of Memory after Effective Lifetime vulnerability in the Period

A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). When a BFD session configured with authentication flaps, ppmd memory can leak. Whether the leak happens depends on a race condition which is outside the attackers control. This issue only affects BFD operating in distributed aka delegated (which is the default behavior) or inline mode. Whether the leak occurs can be monitored with the following CLI command: > show ppm request-queue FPC Pending-request fpc0 2 request-total-pending: 2 where a continuously increasing number of pending requests is indicative of the leak. This issue affects: Junos OS: * All versions before 21.2R3-S8, * 21.4 versions before 21.4R3-S7, * 22.1 versions before 22.1R3-S4, * 22.2 versions before 22.2R3-S4, * 22.3 versions before 22.3R3, * 22.4 versions before 22.4R2-S2, 22.4R3. Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * 21.4-EVO versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-EVO, * 22.4-EVO versions before 22.4R3-EVO.

Published 2024-07-11 16:13:24

Updated 2024-07-12 15:15:11

Source Juniper Networks, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2024-39536

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2024-39536

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 17 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-39536

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.3	MEDIUM	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H	N/A	N/A	Juniper Networks, Inc.	2024-07-11
Attack Vector: Adjacent Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
5.3	MEDIUM	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H	1.6	3.6	Juniper Networks, Inc.	2024-07-11
Attack Vector: Adjacent Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High
6.0	MEDIUM	CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/V...	N/A	N/A	Juniper Networks, Inc.	2024-07-11
Attack Vector: Adjacent Attack Complexity: Low Attack Requirements: Present Privileges Required: None User Interaction: None Confidentiality (VC): None Integrity (VI): None Availability (VA): High
6.0	MEDIUM	CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/V...	N/A	N/A	Juniper Networks, Inc.	2024-07-11
Attack Vector: Adjacent Attack Complexity: Low Attack Requirements: Present Privileges Required: None User Interaction: None Confidentiality (VC): None Integrity (VI): None Availability (VA): High

CWE ids for CVE-2024-39536

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Assigned by:
- 8cbe9d5a-a066-4c94-8978-4b15efeae968 (Primary)
- sirt@juniper.net (Secondary)

References for CVE-2024-39536

https://supportportal.juniper.net/JSA82996

2024-07 Security Bulletin: Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak (CVE-2024-39536)

Jump to

Vulnerability Details : CVE-2024-39536

Products affected by CVE-2024-39536

Exploit prediction scoring system (EPSS) score for CVE-2024-39536

CVSS scores for CVE-2024-39536

CWE ids for CVE-2024-39536

References for CVE-2024-39536