CVE-2025-52946

A Use After Free vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an attacker sending a BGP update with a specifically malformed AS PATH to cause rpd to crash, resulting in a Denial of Service (DoS). Continuous receipt of the malformed AS PATH attribute will cause a sustained DoS condition. On all Junos OS and Junos OS Evolved platforms, the rpd process will crash and restart when a specifically malformed AS PATH is received within a BGP update and traceoptions are enabled. This issue only affects systems with BGP traceoptions enabled and requires a BGP session to be already established. Systems without BGP traceoptions enabled are not impacted by this issue. This issue affects: Junos OS: * All versions before 21.2R3-S9, * all versions of 21.4, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S5, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2; Junos OS Evolved: * All versions before 22.4R3-S5-EVO, * from 23.2-EVO before 23.2R2-S3-EVO, * from 23.4-EVO before 23.4R2-S4-EVO, * from 24.2-EVO before 24.2R2-EVO. This is a more complete fix for previously published CVE-2024-39549 (JSA83011).

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://supportportal.juniper.net/JSA100050	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:juniper:junos::::::::
	cpe:2.3:o:juniper:junos:21.2:-::::::
	cpe:2.3:o:juniper:junos:21.2:r1::::::
	cpe:2.3:o:juniper:junos:21.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r2::::::
	cpe:2.3:o:juniper:junos:21.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r3::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s2::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s3::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s4::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s5::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s6::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s7::::::
	cpe:2.3:o:juniper:junos:21.2:r3-s8::::::
	cpe:2.3:o:juniper:junos:21.4:::::::*
	cpe:2.3:o:juniper:junos:22.2:-::::::
	cpe:2.3:o:juniper:junos:22.2:r1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r2::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r3::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s1::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s2::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s3::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s4::::::
	cpe:2.3:o:juniper:junos:22.2:r3-s5::::::
	cpe:2.3:o:juniper:junos:22.4:-::::::
	cpe:2.3:o:juniper:junos:22.4:r1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:22.4:r2::::::
	cpe:2.3:o:juniper:junos:22.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:22.4:r3::::::
	cpe:2.3:o:juniper:junos:22.4:r3-s1::::::
	cpe:2.3:o:juniper:junos:22.4:r3-s2::::::
	cpe:2.3:o:juniper:junos:22.4:r3-s3::::::
	cpe:2.3:o:juniper:junos:22.4:r3-s4::::::
	cpe:2.3:o:juniper:junos:23.2:-::::::
	cpe:2.3:o:juniper:junos:23.2:r1::::::
	cpe:2.3:o:juniper:junos:23.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:23.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:23.2:r2::::::
	cpe:2.3:o:juniper:junos:23.2:r2-s1::::::
	cpe:2.3:o:juniper:junos:23.2:r2-s2::::::
	cpe:2.3:o:juniper:junos:23.4:-::::::
	cpe:2.3:o:juniper:junos:23.4:r1::::::
	cpe:2.3:o:juniper:junos:23.4:r1-s1::::::
	cpe:2.3:o:juniper:junos:23.4:r1-s2::::::
	cpe:2.3:o:juniper:junos:23.4:r2::::::
	cpe:2.3:o:juniper:junos:23.4:r2-s1::::::
	cpe:2.3:o:juniper:junos:23.4:r2-s2::::::
	cpe:2.3:o:juniper:junos:23.4:r2-s3::::::
	cpe:2.3:o:juniper:junos:24.2:-::::::
	cpe:2.3:o:juniper:junos:24.2:r1::::::
	cpe:2.3:o:juniper:junos:24.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:24.2:r1-s2::::::
	cpe:2.3:o:juniper:junos_os_evolved::::::::
	cpe:2.3:o:juniper:junos_os_evolved:22.4:-::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r2::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r3::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3::::::
cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4::::::
cpe:2.3:o:juniper:junos_os_evolved:23.2:-::::::
cpe:2.3:o:juniper:junos_os_evolved:23.2:r1::::::
cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1::::::
cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2::::::
cpe:2.3:o:juniper:junos_os_evolved:23.2:r2::::::
cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1::::::
cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:-::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:r1::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:r2::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2::::::
cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3::::::
cpe:2.3:o:juniper:junos_os_evolved:24.2:-::::::
cpe:2.3:o:juniper:junos_os_evolved:24.2:r1::::::
cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2::::::

History

No history.

Information

Published : 2025-07-11 15:15

Updated : 2026-01-23 19:36

NVD link : CVE-2025-52946

Mitre link : CVE-2025-52946

CVE.ORG link : CVE-2025-52946

JSON object : View

Products Affected

juniper

junos
junos_os_evolved

CWE

CWE-416

Use After Free

7.5 /10