Juniper Networks Junos OS Sampling Route Record Daemon Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS. This vulnerability allows an unauthenticated, network-based attacker to cause a temporary interruption in jflow processing. The issue arises when a device configured for flow monitoring receives a specific BGP update message. While the routing protocol daemon (rpd) processes the message correctly, it is improperly encoded when sent to SRRD, leading to a crash. Although jflow processing automatically restarts, this disruption does not affect traffic forwarding. The vulnerability impacts all Junos OS versions prior to 21.2R3-S9, 21.4 versions before 21.4R3-S10, 22.2 versions before 22.2R3-S6, 22.4 versions before 22.4R3, and 23.2 versions before 23.2R1-S2. However, Junos OS Evolved is not affected.

Impact

Exploitation of this vulnerability causes a crash in the Sampling Route Record Daemon, leading to a temporary disruption of jflow processing until it automatically restarts. This interruption does not impact traffic forwarding.