CVE-2025-30660

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions 21.4 prior to 21.4R3-S8 Junos OS versions 22.2 prior to 22.2R3-S4 Junos OS versions 22.4 prior to 22.4R3-S5 Junos OS versions 23.2 prior to 23.2R2-S2 Junos OS versions 23.4 prior to 23.4R2

Description: An Improper Check for Unusual or Exceptional Conditions issue in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traffic forwarding to stop. Indicative logs of this issue include messages such as "MQSS(0): LI-3: Received a parcel with more than 512B accompanying data" and "CHASSISD FPC ASIC ERROR: ASIC Error detected".

Recommendations: For versions prior to 21.2R3-S9, update to 21.2R3-S9 or later. For versions 21.4 prior to 21.4R3-S8, update to 21.4R3-S8 or later. For versions 22.2 prior to 22.2R3-S4, update to 22.2R3-S4 or later. For versions 22.4 prior to 22.4R3-S5, update to 22.4R3-S5 or later. For versions 23.2 prior to 23.2R2-S2, update to 23.2R2-S2 or later. For versions 23.4 prior to 23.4R2, update to 23.4R2 or later.