THREATINT
PUBLISHED

CVE-2025-30657

Junos OS: Processing of a specific BGP update causes the SRRD process to crash



Description

An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).

When a device configured for flow-monitoring receives a specific BGP update message, it is correctly processed internally by the routing protocol daemon (rpd), but when it is sent to SRRD it is encoded incorrectly, which leads to a crash and a momentary interruption of jflow processing until it automatically restarts. This issue does not affect traffic forwarding itself.

This issue affects Junos OS:

* All versions before 21.2R3-S9,
* 21.4 versions before 21.4R3-S10,
* 22.2 versions before 22.2R3-S6,
* 22.4 versions before 22.4R3,
* 23.2 versions before 23.2R1-S2, 23.2R2.

This issue does not affect Junos OS Evolved.

Reserved 2025-03-24 | Published 2025-04-09 | Updated 2025-04-09 | Assigner juniper


MEDIUM: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

MEDIUM: 6.9 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/AU:Y/R:A/RE:M)

Problem types

CWE-116 Improper Encoding or Escaping of Output

Product status

Default status: unaffected

* Any version before 21.2R3-S9: affected
* 21.4 before 21.4R3-S10: affected
* 22.2 before 22.2R3-S6: affected
* 22.4 before 22.4R3: affected
* 23.2 before 23.2R1-S2, 23.2R2: affected

Timeline

2025-04-09: Initial Publication

References

supportportal.juniper.net/JSA96467 vendor-advisory

cve.org (CVE-2025-30657)

nvd.nist.gov (CVE-2025-30657)
