Memory leak in Junos OS - CVE-2026-57027
Published: July 8, 2026
Junos OS
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to missing release of memory after effective lifetime error in the packet forwarding engine (pfe). A remote non-authenticated attacker can cause a Denial-of-Service (DoS).
When sFlow is configured in a Virtual Chassis (VC) scenario with EX4100 Series or EX4400 Series devices, multicast traffic which is received on 1 VC member and sent out on another member leads to a memory leak and ultimately an FPC crash and restart.