CVE-2024-39557

6.5 MEDIUM

📋 TL;DR

An unauthenticated adjacent attacker can exploit a memory leak in Juniper's Layer 2 Address Learning Daemon (l2ald) on Junos OS Evolved to cause system memory exhaustion, leading to a crash and denial of service. This affects Junos OS Evolved across multiple versions. The vulnerability requires network adjacency to the target device.

💻 Affected Systems

Products:
  • Juniper Networks Junos OS Evolved
Versions: All versions before 21.4R3-S8-EVO, from 22.2-EVO before 22.2R3-S4-EVO, from 22.3-EVO before 22.3R3-S3-EVO, from 22.4-EVO before 22.4R3-EVO, from 23.2-EVO before 23.2R2-EVO
Operating Systems: Junos OS Evolved
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Junos OS Evolved (not traditional Junos OS). Requires l2ald-agent to be running.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system crash and restart causing extended network outage and service disruption until manual intervention.

🟠 Likely Case: Intermittent system crashes and restarts leading to network instability and degraded performance.

🟢 If Mitigated: Limited impact with proper network segmentation and monitoring to detect abnormal memory usage patterns.

🌐 Internet-Facing: LOW - Requires adjacent network access, not directly exploitable from the internet.
🏢 Internal Only: HIGH - Internal attackers or compromised internal systems can exploit this to disrupt critical network infrastructure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires adjacent network access but no authentication. The vulnerability is triggered by certain MAC table updates.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 21.4R3-S8-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-EVO, 23.2R2-EVO or later

Vendor Advisory: https://supportportal.juniper.net/JSA83017

Restart Required: Yes

Instructions:

1. Download the appropriate patched version from Juniper's support portal.
2. Follow Juniper's standard upgrade procedures for Junos OS Evolved.
3. Reboot the device after installation.

🔧 Temporary Workarounds

Monitor memory usage (applies to: all)

Regularly check l2ald-agent memory allocations to detect abnormal patterns:

show platform application-info allocations app l2ald-agent

🧯 If You Can't Patch

  • Implement strict network segmentation to limit adjacent access to vulnerable devices
  • Monitor system logs for memory exhaustion warnings and crash/restart events

🔍 How to Verify

Check if Vulnerable:

Run: show platform application-info allocations app l2ald-agent and check for high 'Live' counts on net::juniper::rtnh::L2Rtinfo objects; a count that keeps growing between samples rather than a single high reading is the sign of the leak.

Check Version:

show version

Verify Fix Applied:

Run show version and confirm the running release matches one of the fixed versions listed above, then keep monitoring l2ald-agent memory allocations to confirm the Live counts stay stable.

📡 Detection & Monitoring

Log Indicators:

  • System crash/restart logs
  • Memory exhaustion warnings
  • High l2ald-agent memory allocation counts

Network Indicators:

  • Unusual MAC address flapping
  • Increased layer 2 control traffic

SIEM Query:

Search for: 'l2ald-agent' AND ('memory' OR 'crash' OR 'restart')
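The two checks above (the Live-count growth on net::juniper::rtnh::L2Rtinfo from "How to Verify", and the SIEM query) as a small script, added here as an example and not part of the advisory or of any Juniper tooling. The command output is constructed sample data; its column layout (Object, Live, Allocs, Frees) and the growth thresholds are assumptions for this example, not Juniper's exact format.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample output, loosely modelled on
# "show platform application-info allocations app l2ald-agent" taken
# at two points in time. Column layout is an assumption for this example.
SNAPSHOT_T0 = """\
Object                                   Live     Allocs     Frees
net::juniper::rtnh::L2Rtinfo             1200     4800       3600
net::juniper::rtnh::NhInfo               300      900        600
"""
SNAPSHOT_T1 = """\
Object                                   Live     Allocs     Frees
net::juniper::rtnh::L2Rtinfo             9800     20400      10600
net::juniper::rtnh::NhInfo               310      1500       1190
"""
ROW = re.compile(r"^(\S+)\s+(\d+)\s+(\d+)\s+(\d+)$")
WATCHED = "net::juniper::rtnh::L2Rtinfo"   # object named in the advisory

def parse_allocations(text: str) -> Dict[str, int]:
    """Map object name -> Live count; header and blank lines do not match ROW."""
    live = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            live[m.group(1)] = int(m.group(2))
    return live

def leak_suspects(before: Dict[str, int], after: Dict[str, int],
                  min_abs_growth: int = 1000, min_ratio: float = 2.0) -> List[Tuple[str, int, int]]:
    """Objects whose Live count grew by >= min_abs_growth AND by a factor >= min_ratio
    between samples. A single high reading can be a busy but healthy MAC table;
    sustained growth across samples is the leak signal (thresholds are assumed)."""
    out = []
    for name, now in after.items():
        prev = before.get(name, 0)
        if now - prev >= min_abs_growth and now >= min_ratio * max(prev, 1):
            out.append((name, prev, now))
    return out

def check_l2rtinfo(before_text: str, after_text: str) -> List[Tuple[str, int, int]]:
    """Apply the growth test only to the L2Rtinfo object from the advisory."""
    hits = leak_suspects(parse_allocations(before_text), parse_allocations(after_text))
    return [h for h in hits if h[0] == WATCHED]

# The page's SIEM query as a predicate over one syslog line (case-insensitive).
SIEM_TERMS = ("memory", "crash", "restart")

def siem_match(line: str) -> bool:
    low = line.lower()
    return "l2ald-agent" in low and any(t in low for t in SIEM_TERMS)
```

Take the two snapshots some minutes apart on the device; an empty result from check_l2rtinfo means the Live count is not growing between samples.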
