PT-2025-29242 · Juniper Networks · Junos

Published 2025-07-09 · Updated 2025-07-11 · CVE-2025-52955

CVSS v4.0: 7.1 High

Vector: AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/R:A/U:Green

Name of the Vulnerable Software and Affected Versions:

Juniper Networks Junos OS versions prior to 21.2R3-S9
Juniper Networks Junos OS version 21.4
Juniper Networks Junos OS version 22.2
Juniper Networks Junos OS versions from 22.4 through 22.4R3-S7
Juniper Networks Junos OS versions from 23.2 through 23.2R2-S3
Juniper Networks Junos OS versions from 23.4 through 23.4R2-S4
Juniper Networks Junos OS versions from 24.2 through 24.2R2

Description:

An incorrect calculation of buffer size in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory corruption, leading to an rpd crash. This occurs when a logical interface using a routing instance flaps continuously, sending specific updates to the jflow/sflow modules. Continued receipt of these updates can result in a sustained Denial of Service condition.

Recommendations:

Update to Junos OS version 21.2R3-S9 or later.
Update to a version of Junos OS that is not 21.4.
Update to a version of Junos OS that is not 22.2.
Update to Junos OS version 22.4R3-S7 or later.
Update to Junos OS version 23.2R2-S3 or later.
Update to Junos OS version 23.4R2-S4 or later.
Update to Junos OS version 24.2R2 or later.

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2025-08740
CVE-2025-52955

Affected Products

Junos