PT-2025-41404 · Juniper Networks · Junos+1

Published: 2025-10-09 · Updated: 2025-10-09 · CVE-2025-59962

CVSS v4.0: 6.0 (Medium)

Vector: AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:C/RE:M/U:X

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS versions prior to 21.4R3-S6
Juniper Networks Junos OS versions 22.1 through 22.1R3-S6
Juniper Networks Junos OS versions 22.2 through 22.2R3-S3
Juniper Networks Junos OS versions 22.3 through 22.3R3-S3
Juniper Networks Junos OS versions 22.4 through 22.4R3
Juniper Networks Junos OS versions 23.2 through 23.2R2
Juniper Networks Junos OS Evolved versions prior to 22.3R3-S3-EVO
Juniper Networks Junos OS Evolved versions 22.4 through 22.4R3-EVO
Juniper Networks Junos OS Evolved versions 23.2 through 23.2R2-EVO

Description

An Access of Uninitialized Pointer issue exists in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved when BGP sharding is enabled. An attacker can trigger indirect next-hop updates, combined with external timing factors, to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Specifically, triggering route resolution of an indirect next-hop, such as an IGP route change affecting a BGP route, may lead to the crash. Continuous IGP route churn, causing repeated route re-resolution, increases the likelihood of triggering this issue and potentially causing an extended DoS condition.

Recommendations

Update Junos OS to version 21.4R3-S6 or later.
Update Junos OS to version 22.1R3-S6 or later.
Update Junos OS to version 22.2R3-S3 or later.
Update Junos OS to version 22.3R3-S3 or later.
Update Junos OS to version 22.4R3 or later.
Update Junos OS to version 23.2R2 or later.
Update Junos OS Evolved to version 22.3R3-S3-EVO or later.
Update Junos OS Evolved to version 22.4R3-EVO or later.
Update Junos OS Evolved to version 23.2R2-EVO or later.

Fix

DoS

Access of Uninitialized Pointer

Weakness Enumeration

Related Identifiers: CVE-2025-59962

Affected Products: Junos, Junos Evolved