Juniper patches multiple router bugs

Juniper Networks has issued its first three security updates for 2024, including a critical bug in its J-Web network management interface.

The company said it is unaware of any exploits of the vulnerabilities.

The J-Web out-of-bounds write bug, CVE-2024-21591 (CVSS score 9.8), affects Junos OS SRX Series and EX Series.

An unspecified “insecure function” in the software allows an attacker to “overwrite arbitrary memory”, giving a remote attacker remote code execution (RCE), denial-of-service, and root privileges on the affected device.

It affects eight versions of Junos OS, with patches available.

The company has also fixed two lower rated BGP bugs in its Junos OS and Junos OS Evolved software.

CVE-2024-21611 (CVSS score 7.5) affects Junos OS 21.4, 22.1 and 22.2; and Junos OS Evolved 21.4-EVO, 22.1-EVO, and 22.2-EVO.

The advisory explained this is a “missing release of memory after effective lifetime” vulnerability in the Routing Protocol Daemon (rpd) which “allows an unauthenticated, network-based attacker to cause a denial of service (DoS).”

If there’s route churn in Juniper’s flow monitoring, jflow, causing BGP next hops to be updated, a “slow memory leak” will eventually crash and restart the rpd.

There’s also CVE-2024-21596 (CVSS score 5.3), which affects all versions of Junos OS and Junos OS Evolved, a heap-based buffer overflow in the rpd.

“If an attacker sends a specific BGP UPDATE message to the device, this will cause a memory overwrite and therefore an RPD crash and restart in the backup Routing Engine (RE),” the advisory stated.

An attacker can continue sending attack packets to cause a sustained DoS.

Juniper is subject to a $US14 billion takeover bid from HPE.