CVE-2024-21611
📋 TL;DR
A memory leak vulnerability in Juniper's Routing Protocol Daemon (rpd) allows unauthenticated network attackers to cause denial of service. When BGP next hops update during Juniper Flow Monitoring (jflow) route churn, memory isn't properly released, eventually crashing rpd. This affects Junos OS 21.4-22.2 and Junos OS Evolved 21.4-EVO to 22.2-EVO before specific patch versions.
💻 Affected Systems
- Juniper Junos OS
- Juniper Junos OS Evolved
📦 What is this software?
Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →Junos by Juniper
Junos OS is Juniper Networks' flagship network operating system running on enterprise routers, switches, security appliances, and data center infrastructure worldwide. Deployed across telecommunications providers, ISPs, cloud service providers, financial institutions, and large enterprises, Junos po...
Learn more about Junos →⚠️ Risk & Real-World Impact
Worst Case
Complete routing service disruption requiring manual intervention, potentially affecting network availability across multiple systems.
Likely Case
Gradual performance degradation leading to rpd crashes and restarts, causing intermittent routing instability.
If Mitigated
Minimal impact with proper monitoring and quick restart capabilities.
🎯 Exploit Status
Exploitation requires ability to trigger BGP route churn in jflow scenarios.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Junos OS: 21.4R3, 22.1R3, 22.2R3. Junos OS Evolved: 21.4R3-EVO, 22.1R3-EVO, 22.2R3-EVO.
Vendor Advisory: https://supportportal.juniper.net/JSA75752
Restart Required: Yes
Instructions:
1. Download appropriate patch version from Juniper support portal. 2. Apply patch using 'request system software add' command. 3. Reboot system to complete installation.
🔧 Temporary Workarounds
Monitor memory usage
allRegularly check rpd memory usage to detect leaks early and restart before crash
show task memory detail | match so_in
Disable jflow if not needed
allRemove jflow configuration to eliminate the trigger condition
delete forwarding-options sampling
delete forwarding-options port-mirroring
🧯 If You Can't Patch
- Implement aggressive monitoring of rpd memory usage with automated alerts
- Establish procedures for rapid rpd restart when memory thresholds are exceeded
🔍 How to Verify
Check if Vulnerable:
Check version with 'show version' and compare against affected versions. Monitor memory with 'show task memory detail | match so_in' for increasing values.Check Version:
show versionVerify Fix Applied:
Confirm version is patched with 'show version'. Monitor memory usage over time to ensure stable values.📡 Detection & Monitoring
Log Indicators:
- rpd crash logs
- memory allocation failure messages
- high memory usage warnings
Network Indicators:
- BGP session instability
- routing table inconsistencies
- increased rpd restart frequency
SIEM Query:
source="junos" AND ("rpd" AND ("crash" OR "restart" OR "memory"))