CVE-2026-57027: CWE-401 Missing Release of Memory after Effective Lifetime in Juniper Networks Junos OS
A memory leak vulnerability exists in the packet forwarding engine of Juniper Networks Junos OS on EX4100 and EX4400 Series devices when sFlow is configured in a Virtual Chassis scenario. This leak occurs due to multicast traffic being forwarded between Virtual Chassis members, leading to continuous memory consumption, an FPC crash, and device restart. The issue affects multiple Junos OS versions prior to specific patch releases.
AI Analysis
Technical Summary
CVE-2026-57027 is a CWE-401 Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS running on EX4100 and EX4400 Series devices. When sFlow is enabled in a Virtual Chassis configuration, multicast traffic forwarded between members causes a memory leak in the packet forwarding engine. This leak results in an increasing buffer size observable via 'show chassis fpc' command, eventually causing an FPC crash and restart, leading to a Denial-of-Service condition. The vulnerability affects all versions before 23.2R2-S7, 23.4 versions before 23.4R2-S7, 24.2 versions before 24.2R2-S4, and 24.4 versions before 24.4R2.
Potential Impact
An unauthenticated adjacent attacker can trigger a Denial-of-Service by exploiting the memory leak, causing the forwarding plane card (FPC) to crash and restart. This disrupts network operations on affected EX4100 and EX4400 Series devices running vulnerable Junos OS versions. There is no impact on confidentiality or integrity reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. The vendor has identified fixed versions (23.2R2-S7, 23.4R2-S7, 24.2R2-S4, 24.4R2) that address this issue. Until patches are applied, consider disabling sFlow in Virtual Chassis configurations on affected devices to mitigate the risk of memory leaks and DoS.
CVE-2026-57027: CWE-401 Missing Release of Memory after Effective Lifetime in Juniper Networks Junos OS
Description
A memory leak vulnerability exists in the packet forwarding engine of Juniper Networks Junos OS on EX4100 and EX4400 Series devices when sFlow is configured in a Virtual Chassis scenario. This leak occurs due to multicast traffic being forwarded between Virtual Chassis members, leading to continuous memory consumption, an FPC crash, and device restart. The issue affects multiple Junos OS versions prior to specific patch releases.
CVSS v3.1
Score 6.5medium
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-57027 is a CWE-401 Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS running on EX4100 and EX4400 Series devices. When sFlow is enabled in a Virtual Chassis configuration, multicast traffic forwarded between members causes a memory leak in the packet forwarding engine. This leak results in an increasing buffer size observable via 'show chassis fpc' command, eventually causing an FPC crash and restart, leading to a Denial-of-Service condition. The vulnerability affects all versions before 23.2R2-S7, 23.4 versions before 23.4R2-S7, 24.2 versions before 24.2R2-S4, and 24.4 versions before 24.4R2.
Potential Impact
An unauthenticated adjacent attacker can trigger a Denial-of-Service by exploiting the memory leak, causing the forwarding plane card (FPC) to crash and restart. This disrupts network operations on affected EX4100 and EX4400 Series devices running vulnerable Junos OS versions. There is no impact on confidentiality or integrity reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. The vendor has identified fixed versions (23.2R2-S7, 23.4R2-S7, 24.2R2-S4, 24.4R2) that address this issue. Until patches are applied, consider disabling sFlow in Virtual Chassis configurations on affected devices to mitigate the risk of memory leaks and DoS.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- juniper
- Date Reserved
- 2026-06-23T16:27:00.248Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a50171668715ace431ea202
Added to database: 07/09/2026, 21:48:06 UTC
Last enriched: 07/09/2026, 22:03:58 UTC
Last updated: 07/09/2026, 23:59:01 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.