Description
A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to cause the l2cpd process to crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. When an LLDP telemetry subscription is active, receipt of a specifically malformed LLDP TLV causes the l2cpd process to crash and restart. This issue affects: Junos OS: * All versions before 21.2R3-S9, * from 21.4 before 21.4R3-S10, * from 22.2 before 22.2R3-S6, * from 22.4 before 22.4R3-S6, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S4, * from 24.2 before 24.2R2; Junos OS Evolved: * All versions before 21.4R3-S10-EVO, * from 22.2-EVO before 22.2R3-S6-EVO, * from 22.4-EVO before 22.4R3-S6-EVO, * from 23.2-EVO before 23.2R2-S3-EVO, * from 23.4-EVO before 23.4R2-S4-EVO, * from 24.2-EVO before 24.2R2-EVO.
INFO
Published Date :
2025-04-09T19:53:27.087Z
Last Modified :
2025-04-09T20:39:47.342Z
Source :
juniper
AFFECTED PRODUCTS
The following products are affected by CVE-2025-30646 vulnerability.
| Vendors | Products |
|---|---|
| Juniper |
|
| Juniper Networks |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2025-30646.
| URL | Resource |
|---|---|
| https://supportportal.juniper.net/JSA96456 |
|