CVE-2025-30656

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-30656
An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If the SIP ALG processes specifically formatted SIP invites, a memory corruption will occur which will lead to a crash of the FPC processing these packets. Although the system will automatically recover with the restart of the FPC, subsequent SIP invites will cause the crash again and lead to a sustained DoS. This issue affects Junos OS on MX Series and SRX Series:  * all versions before 21.2R3-S9, * 21.4 versions before 21.4R3-S10, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S5, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S3, * 24.2 versions before 24.2R1-S2, 24.2R2.

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://supportportal.juniper.net/JSA96466
Configurations

No configuration.

History

11 Apr 2025, 15:40

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de Manejo Inadecuado de Elementos Especiales Adicionales (GEA) en el Motor de Reenvío de Paquetes (PFE) de Juniper Networks Junos OS en las series MX con MS-MPC, MS-MIC y SPC3, y SRX, permite a un atacante no autenticado en la red provocar una Denegación de Servicio (DoS). Si la ALG SIP procesa invitaciones SIP con un formato específico, se producirá una corrupción de memoria que provocará un bloqueo del FPC que procesa estos paquetes. Aunque el sistema se recupera automáticamente al reiniciar el FPC, las invitaciones SIP posteriores provocarán el bloqueo de nuevo y provocarán una DoS prolongada. Este problema afecta a Junos OS en las series MX y SRX: * todas las versiones anteriores a 21.2R3-S9, * versiones 21.4 anteriores a 21.4R3-S10, * versiones 22.2 anteriores a 22.2R3-S6, * versiones 22.4 anteriores a 22.4R3-S5, * versiones 23.2 anteriores a 23.2R2-S3, * versiones 23.4 anteriores a 23.4R2-S3, * versiones 24.2 anteriores a 24.2R1-S2, 24.2R2.

09 Apr 2025, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-09 20:15

Updated : 2025-04-11 15:40

NVD link : CVE-2025-30656

Mitre link : CVE-2025-30656

CVE.ORG link : CVE-2025-30656

JSON object : View

Products Affected

No product.

CWE
CWE-167

Improper Handling of Additional Special Element