CVE-2025-21599

Summary

A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver (jtd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service. 

Receipt of specifically malformed IPv6 packets, destined to the device, causes kernel memory to not be freed, resulting in memory exhaustion leading to a system crash and Denial of Service (DoS). Continuous receipt and processing of these packets will continue to exhaust kernel memory, creating a sustained Denial of Service (DoS) condition. This issue only affects systems configured with IPv6.

This issue affects Junos OS Evolved: 

  • from 22.4-EVO before 22.4R3-S5-EVO, 
  • from 23.2-EVO before 23.2R2-S2-EVO, 
  • from 23.4-EVO before 23.4R2-S2-EVO, 
  • from 24.2-EVO before 24.2R1-S2-EVO, 24.2R2-EVO.

This issue does not affect Juniper Networks Junos OS Evolved versions prior to 22.4R1-EVO.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS Evolved22.4-EVO < 22.4R3-S5-EVOaffected
Juniper NetworksJunos OS Evolved23.2-EVO < 23.2R2-S2-EVOaffected
Juniper NetworksJunos OS Evolved23.4-EVO < 23.4R2-S2-EVOaffected
Juniper NetworksJunos OS Evolved24.2-EVO < 24.2R1-S2-EVO, 24.2R2-EVOaffected

Weaknesses

  • CWE-401: CWE-401 Missing Release of Memory after Effective Lifetime

Workarounds

There are no known workarounds for this issue.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References