A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).

When a specific command is executed, the pfe crashes. This will cause traffic forwarding to be interrupted until the system self-recovers. Repeated execution will create a sustained DoS condition.

This issue only affects MX Series devices with Line cards MPC1-MPC9.
This issue affects:
Junos OS on MX Series:

* All versions before 21.4R3-S9,
* from 22.2 before 22.2R3-S5,
* from 22.3 before 22.3R3-S4,
* from 22.4 before 22.4R3-S2,
* from 23.2 before 23.2R2-S1,
* from 23.4 before 23.4R2.

Related CVEs

CVE-2024-47496

Key Information

GHSA ID

GHSA-v4c2-2gfg-qh3v

Published

October 11, 2024 6:32 PM

Last Modified

October 11, 2024 6:32 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 5, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.