6.8

CVE-2026-57025

Junos OS and Junos OS Evolved: EX Series, QFX Series, MX Series: A specific 'show l2-learning' command causes l2ald crash

A Return of Pointer Value Outside of Expected Range vulnerability in the fileio library of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privilged attacker to cause a Denial-of-Service (DoS).

On EX Series, QFX Series and MX Series a low-privileged attacker issuing a specific 'show l2-learning' command will cause an l2ald crash which will lead to a temporary service impact for all layer 2 services until the process has automatically restarted.

This issue affects EX Series, QFX Series, MX Series:
Junos OS:


  *  all versions before 23.2R2-S7,
  *  23.4 versions before 23.4R2-S7,
  *  24.2 versions before 24.2R2,
  *  24.4 versions before 24.4R1-S2.



Junos OS Evolved:
  *  all versions before 23.2R2-S7-EVO,
  *  23.4 versions before 23.4R2-S8-EVO,
  *  24.2 versions before 24.2R2-EVO,
  *  24.4 versions before 24.4R1-S3-EVO.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerJuniper Networks
Produkt Junos OS
Default Statusunaffected
Version 0
Version < 23.2R2-S7
Status affected
Version 23.4
Version < 23.4R2-S7
Status affected
Version 24.2
Version < 24.2R2
Status affected
Version 24.4
Version < 24.4R1-S2
Status affected
HerstellerJuniper Networks
Produkt Junos OS Evolved
Default Statusunaffected
Version 0
Version < 23.2R2-S7-EVO
Status affected
Version 23.4
Version < 23.4R2-S8-EVO
Status affected
Version 24.2
Version < 24.2R2-EVO
Status affected
Version 24.4
Version < 24.4R1-S3-EVO
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.038
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
sirt@juniper.net 6.8 0 0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:X/RE:M/U:X
sirt@juniper.net 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-466 Return of Pointer Value Outside of Expected Range

A function can return a pointer to memory that is outside of the buffer that the pointer is expected to reference.