PT-2025-29256 · Juniper Networks · Junos+1

Published 2025-07-09 · Updated 2026-01-23

CVE-2025-52986

CVSS v4.0: 6.8 (Medium)

Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X

Name of the Vulnerable Software and Affected Versions:
Juniper Networks Junos OS versions prior to 21.2R3-S9
Juniper Networks Junos OS versions 21.4 prior to 21.4R3-S11
Juniper Networks Junos OS versions 22.2 prior to 22.2R3-S7
Juniper Networks Junos OS versions 22.4 prior to 22.4R3-S7
Juniper Networks Junos OS versions 23.2 prior to 23.2R2-S4
Juniper Networks Junos OS versions 23.4 prior to 23.4R2-S4
Juniper Networks Junos OS versions 24.2 prior to 24.2R2
Juniper Networks Junos OS versions 24.4 prior to 24.4R2
Juniper Networks Junos OS Evolved versions prior to 22.2R3-S7-EVO
Juniper Networks Junos OS Evolved versions 22.4-EVO prior to 22.4R3-S7-EVO
Juniper Networks Junos OS Evolved versions 23.2-EVO prior to 23.2R2-S4-EVO
Juniper Networks Junos OS Evolved versions 23.4-EVO prior to 23.4R2-S4-EVO
Juniper Networks Junos OS Evolved versions 24.2-EVO prior to 24.2R2-EVO
Juniper Networks Junos OS Evolved versions 24.4-EVO prior to 24.4R2-EVO

Description: A Missing Release of Memory after Effective Lifetime vulnerability exists in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved. This allows a local, low-privileged user to impact the availability of the device. When RIB sharding is enabled and a user executes certain routing-related show commands, memory is leaked. If all available memory is consumed, rpd will crash and restart. The memory leak can be monitored using the CLI command show task memory detail | match task shard mgmt cookie, where the allocated memory in bytes continuously increases with each exploitation.

Recommendations:
Update to Junos OS version 21.2R3-S9 or later.
Update to Junos OS version 21.4R3-S11 or later.
Update to Junos OS version 22.2R3-S7 or later.
Update to Junos OS version 22.4R3-S7 or later.
Update to Junos OS version 23.2R2-S4 or later.
Update to Junos OS version 23.4R2-S4 or later.
Update to Junos OS version 24.2R2 or later.
Update to Junos OS version 24.4R2 or later.
Update to Junos OS Evolved version 22.2R3-S7-EVO or later.
Update to Junos OS Evolved version 22.4R3-S7-EVO or later.
Update to Junos OS Evolved version 23.2R2-S4-EVO or later.
Update to Junos OS Evolved version 23.4R2-S4-EVO or later.
Update to Junos OS Evolved version 24.2R2-EVO or later.
Update to Junos OS Evolved version 24.4R2-EVO or later.
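
An inventory check against the fixed releases listed above, as an added example (not code from this advisory or from Juniper). The function names, the version-string shape accepted by the regex, and the sample inventory are assumptions made for the example. It checks the version only; per the description, a device is exposed only when RIB sharding is also enabled.

```python
import re

# Fixed releases copied from the advisory text, keyed by (major, minor) train.
# Values are (R-release, S-release); 0 means no service release.
FIXED = {
    "junos": {(21, 2): (3, 9), (21, 4): (3, 11), (22, 2): (3, 7), (22, 4): (3, 7),
              (23, 2): (2, 4), (23, 4): (2, 4), (24, 2): (2, 0), (24, 4): (2, 0)},
    "evo":   {(22, 2): (3, 7), (22, 4): (3, 7), (23, 2): (2, 4), (23, 4): (2, 4),
              (24, 2): (2, 0), (24, 4): (2, 0)},
}

# Assumed shape: <major>.<minor>R<release>[-S<service>][.<build>][-EVO]
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?(-EVO)?$", re.I)

def parse_version(text):
    """Split a version string into (family, train, (R, S))."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {text!r}")
    major, minor, rel, svc, evo = m.groups()
    family = "evo" if evo else "junos"
    return family, (int(major), int(minor)), (int(rel), int(svc or 0))

def advisory_status(text):
    """Return 'affected', 'fixed' or 'not-listed' for one version string."""
    family, train, level = parse_version(text)
    table = FIXED[family]
    if train in table:
        return "affected" if level < table[train] else "fixed"
    if train < min(table):
        # Covered by the first entry: every version prior to the oldest fix.
        return "affected"
    # Train is not named in the advisory; needs a manual decision.
    return "not-listed"

if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    inventory = {"edge-1": "21.4R3-S10", "edge-2": "24.2R2",
                 "core-1": "22.4R3-S6-EVO", "lab-1": "23.1R1"}
    for host, version in inventory.items():
        print(f"{host:8} {version:16} {advisory_status(version)}")
```

Hosts reported as not-listed run a release train the advisory does not name, so the script leaves that decision to the operator rather than guessing.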

Fix

Memory Leak

Weakness Enumeration

Related Identifiers

BDU:2025-08757
CVE-2025-52986

Affected Products

Junos
Junos Evolved