Main Vulnerability Database Vulnerabilities #VU107441

#VU107441 Missing release of memory after effective lifetime in Juniper Junos OS - CVE-2025-30658

Published: April 15, 2025

Vulnerability identifier: #VU107441

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2025-30658

CWE-ID: CWE-401

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Juniper Junos OS

Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to missing release of memory after effective lifetime error in the Anti-Virus processing. A remote non-authenticated attacker can cause a Denial-of-Service (DoS).

On all SRX platforms with Anti-Virus enabled, if a server sends specific content in the HTTP body of a response to a client request, these packets are queued by Anti-Virus processing in Juniper Buffers (jbufs) which are never released.

When these jbufs are exhausted, the device stops forwarding all transit traffic.

Remediation

Install updates from vendor's website.

External links

https://supportportal.juniper.net/s/article/2025-04-Security-Bulletin-Junos-OS-SRX-Series-On-devices-with-Anti-Virus-enabled-malicious-server-responses-will-cause-memory-to-leak-ultimately-causing-forwarding-to-stop-CVE-2025-30658

#VU107441 Missing release of memory after effective lifetime in Juniper Junos OS - CVE-2025-30658

Description

Remediation

External links

Please verify you're human