CVE-2024-21599

<br /> A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).<br /> <br /> If an MX Series device receives PTP packets on an MPC3E that doesn&amp;#39;t support PTP this causes a memory leak which will result in unpredictable behavior and ultimately in an MPC crash and restart.<br /> <br /> To monitor for this issue, please use the following FPC vty level commands:<br /> <br /> show heap<br /> shows an increase in "LAN buffer" utilization and<br /> <br /> show clksync ptp nbr-upd-info<br /> shows non-zero "Pending PFEs" counter.<br /> <br /> This issue affects Juniper Networks Junos OS on MX Series with MPC3E:<br /> <br /> <br /> <br /> * All versions earlier than 20.4R3-S3;<br /> * 21.1 versions earlier than 21.1R3-S4;<br /> * 21.2 versions earlier than 21.2R3;<br /> * 21.3 versions earlier than 21.3R2-S1, 21.3R3;<br /> * 21.4 versions earlier than 21.4R2;<br /> * 22.1 versions earlier than 22.1R2.<br /> <br /> <br /> <br /> <br /> <br /> <br />