CVE-2025-52955: Incorrect Calculation of Buffer Size in Juniper Networks Junos OS

Severity: 7.1 HIGH (NVD)
EPSS: 0.1% (top 84.48%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jul 11

Description

An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a memory corruption that leads to an rpd crash. When the logical interface using a routing instance flaps continuously, specific updates are sent to the jflow/sflow modules. This results in memory corruption, leading to an rpd crash and restart. Continued receipt of these specific updates will cause a

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Affected Packages (4 packages)

CVEListV5  juniper_networks/junos_os_evolved  21.4  21.4*-EVO  +6
NVD  juniper/junos_os_evolved  7 versions  +6
CVEListV5  juniper_networks/junos_os  21.4  21.4*  +6
NVD  juniper/junos  < 21.2  +7

🔴 Vulnerability Details (2)

CVEList: Junos OS and Junos OS Evolved: When jflow/sflow is configured continuous logical interface flaps causes rpd crash and restart (2025-07-11)
GHSA: GHSA-8g52-rhvw-9278: An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an adjacent unauthentic (2025-07-11)

📋 Vendor Advisories (1)

Juniper: CVE-2025-52955: An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an (2025-07-11)