CVE-2025-30651

April 9, 2025, 8:15 p.m.

7.5
High

Description

A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When an attacker sends a specific ICMPv6 packet to an interface with "protocols router-advertisement" configured, rpd crashes and restarts. Continued receipt of this packet will cause a sustained DoS condition.  This issue only affects systems configured with IPv6. This issue affects Junos OS:  * All versions before 21.2R3-S9,  * from 21.4 before 21.4R3-S10, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S4, * from 23.2 before 23.2R2-S2, * from 23.4 before 23.4R2; and Junos OS Evolved: * All versions before 21.2R3-S9-EVO, * from 21.4-EVO before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO, * from 22.4-EVO before 22.4R3-S4-EVO, * from 23.2-EVO before 23.2R2-S2-EVO, * from 23.4-EVO before 23.4R2-EVO.

Product(s) Impacted

Product Versions
junos_os
  • <21.2R3-S9
junos_os
  • 21.4-*
junos_os
  • 22.2-*
junos_os
  • 22.4-*
junos_os
  • 23.2-*
junos_os
  • 23.4-*
junos_os_evolved
  • <21.2R3-S9-EVO
junos_os_evolved
  • 21.4-EVO-*
junos_os_evolved
  • 22.2-EVO-*
junos_os_evolved
  • 22.4-EVO-*
junos_os_evolved
  • 23.2-EVO-*
junos_os_evolved
  • 23.4-EVO-*

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-805
Buffer Access with Incorrect Length Value
The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

References

https://supportportal.juniper.net/JSA96461

Tags

CWE-805
sirt@juniper.net
2025-04-09
CVE-2025-30651

CVSS Score

7.5 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    View Vector String

Timeline

Published: April 9, 2025, 8:15 p.m.
Last Modified: April 9, 2025, 8:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

sirt@juniper.net

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.