cve/2024/CVE-2024-39539.md

### [CVE-2024-39539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39539)
![](https://img.shields.io/static/v1?label=Product&message=Junos%20OS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=21.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=22.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=22.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=22.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=22.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=23.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-401%20Missing%20Release%20of%20Memory%20after%20Effective%20Lifetime&color=brightgreen)

### Description

A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).In a subscriber management scenario continuous subscriber logins will trigger a memory leak and eventually lead to an FPC crash and restart.This issue affects Junos OS on MX Series:  *  All version before 21.2R3-S6,  *  21.4 versions before 21.4R3-S6,  *  22.1 versions before 22.1R3-S5,  *  22.2 versions before 22.2R3-S3,   *  22.3 versions before 22.3R3-S2,  *  22.4 versions before 22.4R3,  *  23.2 versions before 23.2R2.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds