{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33780", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "state": "PUBLISHED", "assignerShortName": "juniper", "dateReserved": "2026-03-23T19:46:13.669Z", "datePublished": "2026-04-09T21:29:20.534Z", "dateUpdated": "2026-04-13T18:06:19.950Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "22.4R3-S5", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "23.2R2-S3", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R2-S4", "status": "affected", "version": "23.4", "versionType": "semver"}, {"lessThan": "24.2R2", "status": "affected", "version": "24.2", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "22.4R3-S5-EVO", "status": "affected", "version": "all version prior to", "versionType": "semver"}, {"lessThan": "23.2R2-S3-EVO", "status": "affected", "version": "23.2", "versionType": "semver"}, {"lessThan": "23.4R2-S4-EVO", "status": "affected", "version": "23.4", "versionType": "semver"}, {"lessThan": "24.2R2-EVO", "status": "affected", "version": "24.2", "versionType": "semver"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(251, 251, 251);\">To be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options.</span>\n\n<br>"}], "value": "To be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options."}], "datePublic": "2026-04-08T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the&nbsp;Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).<br><br>\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.<br><br>Use the following command to monitor the memory consumption by l2ald:<br><br><tt>user@device&gt; show system process extensive | match \"PID|l2ald\"</tt> \n\n<br><br><p>This issue affects:</p><p>Junos OS:</p><p></p><ul><li>all versions before 22.4R3-S5,</li><li>23.2 versions before 23.2R2-S3,</li><li>23.4 versions before 23.4R2-S4,</li><li>24.2 versions before 24.2R2;</li></ul><p></p><p>Junos OS Evolved:</p><p></p><ul><li>all versions before 22.4R3-S5-EVO,</li><li>23.2 versions before 23.2R2-S3-EVO,</li><li>23.4 versions before 23.4R2-S4-EVO,</li><li>24.2 versions before 24.2R2-EVO.</li></ul><p></p><p><br></p>"}], "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\n\n\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\n\nUse the following command to monitor the memory consumption by l2ald:\n\nuser@device> show system process extensive | match \"PID|l2ald\" \n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * all versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S5-EVO,\n * 23.2 versions before 23.2R2-S3-EVO,\n * 23.4 versions before 23.4R2-S4-EVO,\n * 24.2 versions before 24.2R2-EVO."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV4_0": {"Automatable": "YES", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "baseScore": 7.1, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-401", "description": "CWE-401 Missing Release of Memory after Effective Lifetime", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2026-04-09T21:29:20.534Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://kb.juniper.net/JSA107819"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: <br>Junos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,&nbsp;and all subsequent releases;<br>Junos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."}], "value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,\u00a0and all subsequent releases;\nJunos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases."}], "source": {"advisory": "JSA107819", "defect": ["1824956"], "discovery": "USER"}, "title": "Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "There are no known workarounds for this issue."}], "value": "There are no known workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33780", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-13T17:39:43.706961Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T18:06:19.950Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33780", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-13T17:39:43.706961Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T17:58:41.554Z"}}], "cna": {"title": "Junos OS and Junos OS Evolved: In an EVPN-MPLS scenario churn of ESI routes causes a memory leak in l2ald", "source": {"defect": ["1824956"], "advisory": "JSA107819", "discovery": "USER"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "YES", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:Y/RE:M", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"status": "affected", "version": "0", "lessThan": "22.4R3-S5", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S3", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2-S4", "versionType": "semver"}, {"status": "affected", "version": "24.2", "lessThan": "24.2R2", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"vendor": "Juniper Networks", "product": "Junos OS Evolved", "versions": [{"status": "affected", "version": "all version prior to", "lessThan": "22.4R3-S5-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.2", "lessThan": "23.2R2-S3-EVO", "versionType": "semver"}, {"status": "affected", "version": "23.4", "lessThan": "23.4R2-S4-EVO", "versionType": "semver"}, {"status": "affected", "version": "24.2", "lessThan": "24.2R2-EVO", "versionType": "semver"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", "base64": false}]}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,\u00a0and all subsequent releases;\nJunos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.", "supportingMedia": [{"type": "text/html", "value": "The following software releases have been updated to resolve this specific issue: <br>Junos OS Evolved: 22.4R3-S5-EVO, 23.2R2-S3-EVO, 23.4R2-S4-EVO, 24.2R2-EVO, 24.4R1-EVO,&nbsp;and all subsequent releases;<br>Junos OS: 22.4R3-S5, 23.2R2-S3, 23.4R2-S4, 24.2R2, 24.4R1, and all subsequent releases.", "base64": false}]}], "datePublic": "2026-04-08T16:00:00.000Z", "references": [{"url": "https://kb.juniper.net/JSA107819", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "There are no known workarounds for this issue.", "supportingMedia": [{"type": "text/html", "value": "There are no known workarounds for this issue.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\n\n\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\n\nUse the following command to monitor the memory consumption by l2ald:\n\nuser@device> show system process extensive | match \"PID|l2ald\" \n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * all versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S5-EVO,\n * 23.2 versions before 23.2R2-S3-EVO,\n * 23.4 versions before 23.4R2-S4-EVO,\n * 24.2 versions before 24.2R2-EVO.", "supportingMedia": [{"type": "text/html", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the&nbsp;Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).<br><br>\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.<br><br>Use the following command to monitor the memory consumption by l2ald:<br><br><tt>user@device&gt; show system process extensive | match \"PID|l2ald\"</tt> \n\n<br><br><p>This issue affects:</p><p>Junos OS:</p><p></p><ul><li>all versions before 22.4R3-S5,</li><li>23.2 versions before 23.2R2-S3,</li><li>23.4 versions before 23.4R2-S4,</li><li>24.2 versions before 24.2R2;</li></ul><p></p><p>Junos OS Evolved:</p><p></p><ul><li>all versions before 22.4R3-S5-EVO,</li><li>23.2 versions before 23.2R2-S3-EVO,</li><li>23.4 versions before 23.4R2-S4-EVO,</li><li>24.2 versions before 24.2R2-EVO.</li></ul><p></p><p><br></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-401", "description": "CWE-401 Missing Release of Memory after Effective Lifetime"}]}], "configurations": [{"lang": "en", "value": "To be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(251, 251, 251);\">To be exposed to this issue the device must be configured for EVPN-MPLS. Refer to product documentation for how to configure EVPN-MPLS as there are different configuration options.</span>\n\n<br>", "base64": false}]}], "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2026-04-09T21:29:20.534Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33780", "state": "PUBLISHED", "dateUpdated": "2026-04-13T18:06:19.950Z", "dateReserved": "2026-03-23T19:46:13.669Z", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "datePublished": "2026-04-09T21:29:20.534Z", "assignerShortName": "juniper"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "matchCriteriaId": "57F66641-003B-49D6-A9B9-AB300CFE3C93", "versionEndExcluding": "22.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:-:*:*:*:*:*:*", "matchCriteriaId": "1379EF30-AF04-4F98-8328-52A631F24737", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1:*:*:*:*:*:*", "matchCriteriaId": "28E42A41-7965-456B-B0AF-9D3229CE4D4C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "CB1A77D6-D3AD-481B-979C-8F778530B175", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "3A064B6B-A99B-4D8D-A62D-B00C7870BC30", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2:*:*:*:*:*:*", "matchCriteriaId": "40813417-A938-4F74-A419-8C5188A35486", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "7FC1BA1A-DF0E-4B15-86BA-24C60E546732", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "EBB967BF-3495-476D-839A-9DBFCBE69F91", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3:*:*:*:*:*:*", "matchCriteriaId": "7E5688D6-DCA4-4550-9CD1-A3D792252129", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "8494546C-00EA-49B6-B6FA-FDE42CA5B1FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "8BB98579-FA33-4E41-A162-A46E9709FBD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "08E2562F-FB18-4347-8497-7D61B8157EBB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "494D1D96-1DA2-4B0A-9536-1B5A4FDFCA09", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:-:*:*:*:*:*:*", "matchCriteriaId": "1A78CC80-E8B1-4CDA-BB35-A61833657FA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1:*:*:*:*:*:*", "matchCriteriaId": "4B3B2FE1-C228-46BE-AC76-70C2687050AE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "F1B16FF0-900F-4AEE-B670-A537139F6909", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "B227E831-30FF-4BE1-B8B2-31829A5610A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2:*:*:*:*:*:*", "matchCriteriaId": "1ADA814B-EF98-45B1-AF7A-0C89688F7CA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "A6FB32DF-D062-4FB9-8777-452978BEC7B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "B3B6C811-5C10-4486-849D-5559B592350A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:-:*:*:*:*:*:*", "matchCriteriaId": "78481ABC-3620-410D-BC78-334657E0BB75", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1:*:*:*:*:*:*", "matchCriteriaId": "BE8A5BA3-87BD-473A-B229-2AAB2C797005", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8B74AC3E-8FC9-400A-A176-4F7F21F10756", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "CB2D1FCE-8019-4CE1-BA45-D62F91AF7B51", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2:*:*:*:*:*:*", "matchCriteriaId": "175CCB13-76C0-44A4-A71D-41E22B92EB23", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "166BFDB3-1945-4949-BC2B-E18442FF2E4D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "5923610F-878C-48CA-8B5D-9C609E4DD4DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:23.4:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "A7C207E3-0252-4192-8E8C-E2ED2831B4F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*", "matchCriteriaId": "89524D6D-0B22-4952-AD8E-8072C5A05D5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*", "matchCriteriaId": "AD69A194-1B03-44EA-8092-79BD10C6F729", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8463ADB4-B8A7-4D63-97A9-232ED713A21C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "FE68337F-106E-4317-A5B6-292B0159F577", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9925263-E7B7-49AA-8271-AF320F355B80", "versionEndExcluding": "22.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*", "matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*", "matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2:*:*:*:*:*:*", "matchCriteriaId": "04CE952D-E3C1-4B34-9E65-EC52BFE887AB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "8AE9D1A7-4721-4E1D-B965-FDC38126B1DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "A8643AA3-29EF-48A7-B033-CB60988E214B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3:*:*:*:*:*:*", "matchCriteriaId": "9800BA03-E6BF-4212-B2E7-69C0FD27D294", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "ACCA655D-C542-44F1-B183-4C864CFF2D4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "6D499B19-A91A-4B76-B1CB-6A07A4CB212B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "B6B2830C-26EE-446E-B0C3-B5E43AD897B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "1C7367E6-B491-4A1F-B9D7-BC86A15A0773", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:-:*:*:*:*:*:*", "matchCriteriaId": "6DEAA7FD-385F-4221-907E-65ABC16BE4BE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1:*:*:*:*:*:*", "matchCriteriaId": "DDEC008A-3137-48D1-8ABC-6DB0EFC40E50", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "558D234D-BC50-415F-86D6-8E19D6C3ACE0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "33F4EEEE-77E9-4973-A770-99E7BA2F05F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2:*:*:*:*:*:*", "matchCriteriaId": "A4BB6910-B994-45FD-8153-5EC00EE842E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "D657944B-2066-4F2C-BC92-EDF4DE1C165C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "75A58924-6348-44CF-AB39-1FCE17FE81AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:-:*:*:*:*:*:*", "matchCriteriaId": "9D7F0D73-85EE-4A07-B51B-6BF52ECBA75E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1:*:*:*:*:*:*", "matchCriteriaId": "FE777A1F-9CD9-426E-AF1C-FBE01EB9A4A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "7147BA60-30A5-4CED-9AAF-F6BEA0528B89", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "6E5CE59B-14B2-4F4C-81B5-0430EC954956", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2:*:*:*:*:*:*", "matchCriteriaId": "FB82B22F-9005-4EF0-A1E3-4261757783D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "0224D3F1-8B86-432C-8F5B-B4B7B69ADF31", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "EB2FE5FE-0ADE-406E-A23D-FDCC104B2496", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:23.4:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "2E58987A-D7B7-4FFF-9969-E8FD76AE2BE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:-:*:*:*:*:*:*", "matchCriteriaId": "0DD89AAD-C615-42AF-B8AF-E6067862F0F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1:*:*:*:*:*:*", "matchCriteriaId": "28AFF11D-E418-4A76-B557-F60622602537", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:24.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "0A86A69D-2B90-4B3B-A6EC-88358284787D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Missing Release of Memory after Effective Lifetime vulnerability in the\u00a0Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service (DoS).\n\n\n\nIn an EVPN-MPLS scenario, routes learned from remote multi-homed Provider Edge (PE) devices are programmed as ESI routes. Due to a logic issue in the l2ald memory management, memory allocated for these routes is not released when there is churn for these routes. As a result, memory leaks in the l2ald process which will ultimately lead to a crash and restart of l2ald.\n\nUse the following command to monitor the memory consumption by l2ald:\n\nuser@device> show system process extensive | match \"PID|l2ald\" \n\n\n\nThis issue affects:\n\nJunos OS:\n\n\n\n * all versions before 22.4R3-S5,\n * 23.2 versions before 23.2R2-S3,\n * 23.4 versions before 23.4R2-S4,\n * 24.2 versions before 24.2R2;\n\n\n\n\nJunos OS Evolved:\n\n\n\n * all versions before 22.4R3-S5-EVO,\n * 23.2 versions before 23.2R2-S3-EVO,\n * 23.4 versions before 23.4R2-S4-EVO,\n * 24.2 versions before 24.2R2-EVO."}], "id": "CVE-2026-33780", "lastModified": "2026-04-17T17:59:50.417", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2026-04-09T22:16:26.960", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA107819"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "sirt@juniper.net", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,22.4R3-S5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[23.2,23.2R2-S3)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[23.4,23.4R2-S4)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[24.2,24.2R2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Junos OS", "source": "cna", "vendor": "Juniper Networks"}, "product": "junos_os", "vendor": "juniper_networks"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,22.4R3-S5-EVO)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[23.2,23.2R2-S3-EVO)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[23.4,23.4R2-S4-EVO)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[24.2,24.2R2-EVO)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Junos OS Evolved", "source": "cna", "vendor": "Juniper Networks"}, "product": "junos_os_evolved", "vendor": "juniper_networks"}], "analysis": {"en": {"generated_at": "2026-04-09T23:53:16.273410+00:00", "value": {"mitigation_remediation": ["Verify the device's Junos OS or Junos OS\u202fEvolved version to determine if it falls within the vulnerable range.", "Upgrade the operating system to a release that includes the fix (at least 22.4\u00a0R3\u2011S5 for Junos\u00a0OS or 22.4\u00a0R3\u2011S5\u2011EVO for Junos\u00a0OS\u202fEvolved) following the vendor's upgrade procedures.", "After updating, confirm that the l2ald process remains stable by reviewing its memory usage in system process output.", "If the fault persists, reboot the device to ensure the new software is loaded and verify normal Layer\u20112 learning functionality."], "summary": {"action": "Apply Patch", "impact": "Denial of Service via memory exhaustion"}, "threat_synthesis": {"affected_systems": "The flaw affects Juniper Networks Junos\u00a0OS and Junos\u00a0OS\u00a0Evolved. All releases before 22.4\u00a0R3\u2011S5, before 23.2\u00a0R2\u2011S3, before 23.4\u00a0R2\u2011S4, and before 24.2\u00a0R2 in Junos\u00a0OS are impacted, as are the corresponding earlier releases in Junos\u00a0OS\u00a0Evolved (pre\u201122.4\u00a0R3\u2011S5\u2011EVO, pre\u201123.2\u00a0R2\u2011S3\u2011EVO, pre\u201123.4\u00a0R2\u2011S4\u2011EVO, and pre\u201124.2\u00a0R2\u2011EVO). Devices running any of these versions are vulnerable.", "description_and_impact": "The Layer\u00a02 Address Learning Daemon (l2ald) in Juniper Networks Junos\u00a0OS and Junos\u00a0OS\u00a0Evolved suffers from a missing release of memory after its effective lifetime. When ESI routes churn in an EVPN\u2011MPLS environment, the daemon allocates memory but fails to free it, causing a memory leak that eventually drains system memory, forces the l2ald process to crash, and triggers a restart. The denial of service that results disrupts Layer\u20112 learning and connectivity across the fabric. This flaw is a classic uninitialized memory usage weakness (CWE\u2011401).", "risk_and_exploitability": "The risk rating for this issue is 7.1 on the Common Vulnerability Scoring System scale, indicating high severity. An adjacent attacker who can influence ESI route churn\u2014without authentication or elevated privileges\u2014can trigger the memory exhaustion and bring down the l2ald service. The vulnerability is not listed in the official known exploited vulnerabilities catalog, but the lack of a workaround means that the only reliable defense is to apply the vendor's updated releases. Because the condition requires only route churn in an EVPN\u2011MPLS environment, the exploitation surface is potentially broad in networks that use this configuration."}}}}, "created": "2026-04-10T08:37:07.157681+00:00", "updated": "2026-04-10T09:28:11.966568+00:00", "vendors": ["juniper_networks", "juniper_networks$PRODUCT$junos_os", "juniper_networks$PRODUCT$junos_os_evolved"]}