CVE-2025-30655

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions from 21.4 before 21.4R3-S8 Junos OS versions from 22.2 before 22.2R3-S6 Junos OS versions from 22.4 before 22.4R3-S2 Junos OS versions from 23.2 before 23.2R2-S3 Junos OS versions from 23.4 before 23.4R2 Junos OS Evolved versions prior to 21.2R3-S9-EVO Junos OS Evolved versions from 21.4-EVO before 21.4R3-S8-EVO Junos OS Evolved versions from 22.2-EVO before 22.2R3-S6-EVO Junos OS Evolved versions from 22.4-EVO before 22.4R3-S2-EVO Junos OS Evolved versions from 23.2-EVO before 23.2R2-S3-EVO Junos OS Evolved versions from 23.4-EVO before 23.4R2-EVO

Description: An Improper Check for Unusual or Exceptional Conditions issue in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS). When a specific "show bgp neighbor" CLI command is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition. The device is only affected if BGP RIB sharding and update-threading is enabled.

Recommendations: For Junos OS versions prior to 21.2R3-S9, update to version 21.2R3-S9 or later. For Junos OS versions from 21.4 before 21.4R3-S8, update to version 21.4R3-S8 or later. For Junos OS versions from 22.2 before 22.2R3-S6, update to version 22.2R3-S6 or later. For Junos OS versions from 22.4 before 22.4R3-S2, update to version 22.4R3-S2 or later. For Junos OS versions from 23.2 before 23.2R2-S3, update to version 23.2R2-S3 or later. For Junos OS versions from 23.4 before 23.4R2, update to version 23.4R2 or later. For Junos OS Evolved versions prior to 21.2R3-S9-EVO, update to version 21.2R3-S9-EVO or later. For Junos OS Evolved versions from 21.4-EVO before 21.4R3-S8-EVO, update to version 21.4R3-S8-EVO or later. For Junos OS Evolved versions from 22.2-EVO before 22.2R3-S6-EVO, update to version 22.2R3-S6-EVO or later. For Junos OS Evolved versions from 22.4-EVO before 22.4R3-S2-EVO, update to version 22.4R3-S2-EVO or later. For Junos OS Evolved versions from 23.2-EVO before 23.2R2-S3-EVO, update to version 23.2R2-S3-EVO or later. For Junos OS Evolved versions from 23.4-EVO before 23.4R2-EVO, update to version 23.4R2-EVO or later. As a temporary workaround, consider disabling BGP RIB sharding and update-threading to minimize the risk of exploitation.