18 matches found
CVE-2026-33780
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...
CVE-2026-33780 Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...
CVE-2026-33780
CVE-2026-33780 concerns a memory leak in Juniper Networks’ l2ald within Junos OS and Junos OS Evolved that is triggered by churn of EVPN-MPLS ESI routes learned from remote multi-homed PE devices. The issue stems from a memory management logic flaw where memory allocated for ESI routes is not rel...
PT-2026-31750
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...
EUVD-2024-28307
Malicious code in bioql PyPI...
CVE-2024-30402 Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...
CVE-2024-30402 Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...
CVE-2024-30386 Junos OS and Junos OS Evolved: In a EVPN-VXLAN scenario state changes on adjacent systems can cause an l2ald process crash
A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service DoS. In an EVPN-VXLAN scenario, when state updates are received and...
Juniper Networks Junos OS 安全漏洞
Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS and Junos OS Evolved, which stems...
PT-2024-5064 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S10 Junos OS versions 21.2 prior to 21.2R3-S7 Junos OS versions 21.4 prior to 21.4R3-S5 Junos OS versions 22.1 prior to 22.1R3-S4 Junos OS versions 22.2 prior to 22.2R3-S3 Junos OS versions 22.3 prior to...
PT-2024-2966 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S8 Junos OS versions 21.2 prior to 21.2R3-S6 Junos OS versions 21.3 prior to 21.3R3-S5 Junos OS versions 21.4 prior to 21.4R3-S4 Junos OS versions 22.1 prior to 22.1R3-S3 Junos OS versions 22.2 prior to...
CVE-2021-0244
A signal handler race condition exists in the Layer 2 Address Learning Daemon L2ALD of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition which may allow an attacker to bypass the storm-control feature on devices. This issue is a corner case...
Race condition
A signal handler race condition exists in the Layer 2 Address Learning Daemon L2ALD of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition which may allow an attacker to bypass the storm-control feature on devices. This issue is a corner case...
CVE-2021-0244
CVE-2021-0244 describes a signal handler race condition in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS that may allow an attacker to bypass storm-control on devices. Affected software ranges across multiple Junos OS branches and versions, including EX Series, SRX Seri...
CVE-2018-0056
If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...
CVE-2018-0056
If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...
CVE-2018-0056 MX Series: L2ALD daemon may crash if a duplicate MAC is learned by two different interfaces
If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces. However, the Layer 2 Address Learning Daemon L2ALD daemon might crash when attempting to delete the duplicate MAC address when the...
CVE-2018-0056
The CVE describes an issue in Juniper Networks Junos OS on MX Series devices with l2-backhaul VPN configured. The Layer 2 Address Learning Daemon (L2ALD) may crash when deleting a duplicate MAC address learned on two different interfaces if the entry is not found in the internal MAC address table...