CVE-2025-30645 — NULL Pointer Dereference in Juniper Networks Junos OS
Severity
8.7 HIGH (NVD)
EPSS
0.4%
top 39.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Apr 9
Description
A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack (DS) Lite tunnel to crash the flowd process, resulting in a Denial of Service (DoS). Continuous triggering of specific control traffic will create a sustained Denial of Service (DoS) condition.
On all SRX platforms, when specific, valid control traffic needs to be sent out of a DS-Lite tunnel, a s…
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Packages: 2 packages
Vulnerability Details (2)
CVEList
Junos OS: SRX Series: Transmission of specific control traffic sent out of a DS-Lite tunnel results in flowd crash (2025-04-09)
GHSA
GHSA-jmg9-4pfx-xj2h: A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, va (2025-04-09)
Vendor Advisories (1)
Juniper
CVE-2025-30645: A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, va (2025-04-09)