Juniper Networks Junos OS
cpe:2.3:a:juniper:junos:*:*:*:*:*:*:*
- >= 23.1, < 23.2R2-S3
- >= 23.4, < 23.4R2-S3
- >= 24.2, < 24.2R2-S3
A buffer access vulnerability with an incorrect length value has been identified in the jdhcpd daemon of Juniper Networks Junos OS. When DHCP snooping is enabled, an unauthenticated, adjacent attacker can send a DHCP packet containing a malformed option that causes the jdhcpd process to crash, creating a denial-of-service condition. Continued receipt of such DHCP packets sustains the denial-of-service condition. This issue affects Junos OS versions 23.1 prior to 23.2R2-S3, 23.4 prior to 23.4R2-S3, and 24.2 prior to 24.2R2. It is not applicable to any versions of Junos OS before 23.1R1, nor does it affect vSRX Series or Junos OS Evolved.
Exploitation of this vulnerability causes the jdhcpd process to crash, leading to a denial-of-service condition. The condition can be sustained by continuously sending DHCP packets with the malformed option.