PT-2025-15865 · Juniper Networks · Junos

Published: 2025-04-09 · Updated: 2025-04-11 · CVE-2025-30658

CVSS v4.0: 8.7 (High)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:X
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9; Junos OS versions 21.4 prior to 21.4R3-S10; Junos OS versions 22.2 prior to 22.2R3-S6; Junos OS versions 22.4 prior to 22.4R3-S6; Junos OS versions 23.2 prior to 23.2R2-S3; Junos OS versions 23.4 prior to 23.4R2-S3; Junos OS versions 24.2 prior to 24.2R2.
Description: A Missing Release of Memory after Effective Lifetime issue in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). This occurs when a server sends specific content in the HTTP body of a response to a client request, causing packets to be queued by Anti-Virus processing in Juniper Buffers (jbufs) that are never released. When these jbufs are exhausted, the device stops forwarding all transit traffic. A jbuf memory leak can be noticed from logs indicating high jbuf pool utilization levels.
Recommendations: To recover from this issue, manually reboot the affected device to free the leaked jbufs for the following versions: Junos OS versions prior to 21.2R3-S9; Junos OS versions 21.4 prior to 21.4R3-S10; Junos OS versions 22.2 prior to 22.2R3-S6; Junos OS versions 22.4 prior to 22.4R3-S6; Junos OS versions 23.2 prior to 23.2R2-S3; Junos OS versions 23.4 prior to 23.4R2-S3; Junos OS versions 24.2 prior to 24.2R2. As a temporary workaround, consider disabling Anti-Virus processing until a patch is available. Restrict access to the affected device to minimize the risk of exploitation. Monitor jbuf pool utilization levels to detect potential memory leaks.
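A version check against the fixed releases listed above, as an added example that is not part of the advisory or any Juniper tooling. It assumes version strings of the form `<major>.<minor>R<release>[-S<service>][.<build>]`, ignores the build suffix, and reports release trains the advisory does not mention as "not listed" rather than guessing; the hostnames and inventory are constructed.

```python
import re

# Fixed releases as listed in the advisory text above.
FIXED_RELEASES = ["21.2R3-S9", "21.4R3-S10", "22.2R3-S6", "22.4R3-S6",
                  "23.2R2-S3", "23.4R2-S3", "24.2R2"]

# Assumed layout: <major>.<minor>R<release>[-S<service>][.<build>].
# The trailing build number is ignored when comparing (assumption).
_VER = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")

def parse(version):
    """Return (major, minor, release, service); service defaults to 0."""
    m = _VER.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return tuple(int(g or 0) for g in m.groups())

# Release train -> first fixed (release, service) pair on that train.
FIXED = {(a, b): (r, s) for a, b, r, s in map(parse, FIXED_RELEASES)}
OLDEST_TRAIN = min(FIXED)  # (21, 2): everything before it is affected

def status(version):
    """Classify one version as 'affected', 'fixed' or 'not listed'."""
    major, minor, rel, svc = parse(version)
    if (major, minor) < OLDEST_TRAIN:
        return "affected"       # "versions prior to 21.2R3-S9"
    fixed = FIXED.get((major, minor))
    if fixed is None:
        return "not listed"     # the advisory makes no statement here
    return "affected" if (rel, svc) < fixed else "fixed"

def triage(inventory):
    """Group hostnames by status. Only the version is checked, not whether
    the device is an SRX with Anti-Virus processing enabled."""
    report = {}
    for host, version in inventory.items():
        report.setdefault(status(version), []).append(host)
    return {state: sorted(hosts) for state, hosts in report.items()}

# Constructed inventory for illustration (hostname -> running version).
SAMPLE = {"srx-edge-1": "21.4R3-S5.4", "srx-edge-2": "23.4R2-S3.9",
          "srx-lab": "22.3R1.11", "srx-dc": "20.4R3-S8"}

if __name__ == "__main__":
    for state, hosts in triage(SAMPLE).items():
        print(f"{state}: {', '.join(hosts)}")
```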

Fix

DoS

Memory Leak

Weakness Enumeration

Related Identifiers

BDU:2025-05188
CVE-2025-30658

Affected Products

Junos