CVE-2025-59959

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S8 Juniper Networks Junos OS versions 23.2 before 23.2R2-S5 Juniper Networks Junos OS versions 23.4 before 23.4R2-S5 Juniper Networks Junos OS versions 24.2 before 24.2R2-S2 Juniper Networks Junos OS versions 24.4 before 24.4R2 Juniper Networks Junos OS Evolved versions prior to 22.4R3-S8-EVO Juniper Networks Junos OS Evolved versions 23.2 before 23.2R2-S5-EVO Juniper Networks Junos OS Evolved versions 23.4 before 23.4R2-S6-EVO Juniper Networks Junos OS Evolved versions 24.2 before 24.2R2-S2-EVO Juniper Networks Junos OS Evolved versions 24.4 before 24.4R2-EVO

Description An issue exists in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved that can lead to a Denial-of-Service (DoS). A local, authenticated attacker with low privileges can trigger this by executing the command 'show route < ( receive-protocol | advertising-protocol ) bgp > detail' when at least one route in the output has specific attributes, causing the rpd process to crash and restart. The 'show route ... extensive' command is not affected.

Recommendations Update Junos OS to version 22.4R3-S8 or later. Update Junos OS to version 23.2R2-S5 or later. Update Junos OS to version 23.4R2-S5 or later. Update Junos OS to version 24.2R2-S2 or later. Update Junos OS to version 24.4R2 or later. Update Junos OS Evolved to version 22.4R3-S8-EVO or later. Update Junos OS Evolved to version 23.2R2-S5-EVO or later. Update Junos OS Evolved to version 23.4R2-S6-EVO or later. Update Junos OS Evolved to version 24.2R2-S2-EVO or later. Update Junos OS Evolved to version 24.4R2-EVO or later.