CVE-2020-1625— Junos OS: Kernel memory leak in virtual-memory due to interface flaps

CVSS 6.5 · Medium EPSS 0.11% · P28 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-1625

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: Kernel memory leak in virtual-memory due to interface flaps

Source: NVD (National Vulnerability Database)

Vulnerability Description

The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons (processes), leading to an extended Denial of Service (DoS) condition. Usage of "temp" virtual memory, shown here by a constantly increasing value of outstanding Requests, can be monitored by executing the 'show system virtual-memory' command as shown below: user@junos> show system virtual-memory |match "fpc|type|temp" fpc0: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2023 431K - 10551 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 fpc1: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2020 431K - 6460 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 user@junos> show system virtual-memory |match "fpc|type|temp" fpc0: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2023 431K - 16101 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 fpc1: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2020 431K - 6665 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 user@junos> show system virtual-memory |match "fpc|type|temp" fpc0: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2023 431K - 21867 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 fpc1: -------------------------------------------------------------------------- Type InUse MemUse HighUse Requests Size(s) temp 2020 431K - 6858 16,32,64,128,256,512,1024,2048,4096,65536,262144,1048576,2097152,4194304,8388608 This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.2X75 versions prior to 17.2X75-D44; 17.3 versions prior to 17.3R2-S5, 17.3R3-S6; 17.4 versions prior to 17.4R2-S5, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3; 18.2X75 versions prior to 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D60; 18.3 versions prior to 18.3R1-S5, 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2. This issue does not affect Juniper Networks Junos OS 12.3 and 15.1.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

未加控制的资源消耗(资源穷尽)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks Junos OS 资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS中存在资源管理错误漏洞。远程攻击者可借助特制请求利用该漏洞导致拒绝服务。以下产品及版本受到影响：Juniper Networks Junos OS 16.1版本，17.1版本，17.2版本，17.2X75版本，17.3版本，17.4版本，18.1版本，18.2

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos OS	16.1 ~ 16.1R7-S6	-

II. Public POCs for CVE-2020-1625

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-1625

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2020-1625

Same Patch Batch · Juniper Networks · 2020-04-08 · 22 CVEs total

CVE-2020-1614	10.0 CRITICAL	NFX250 Series: Hardcoded credentials in the vSRX VNF instance.
CVE-2020-1615	9.8 CRITICAL	Junos OS: vMX: Default credentials supplied in vMX configuration
CVE-2020-1613	8.6 HIGH	Junos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement.
CVE-2020-1639	7.5 HIGH	Junos OS: A crafted Ethernet OAM packet received by Junos may cause the Ethernet OAM conne
CVE-2020-1617	7.5 HIGH	Junos OS: PTX1000 and PTX10000 Series, QFX10000 Series using non-AFT architectures: A spec
CVE-2020-1626	7.5 HIGH	Junos OS Evolved: Denial of Service vulnerability in processing high rate of specific pack
CVE-2020-1627	7.5 HIGH	Junos OS: vMX and MX150: Denial of Service vulnerability in packet processing
CVE-2020-1634	7.5 HIGH	Junos OS: High-End SRX Series: Multicast traffic might cause all FPCs to reset.
CVE-2020-1638	7.5 HIGH	Junos OS & Junos OS Evolved: A specific IPv4 packet can lead to FPC restart.
CVE-2020-1637	7.2 HIGH	Junos OS: SRX Series: Unified Access Control (UAC) bypass vulnerability
CVE-2020-1618	6.3 MEDIUM	Junos OS: EX and QFX Series: Console port authentication bypass vulnerability
CVE-2020-1619	6.0 MEDIUM	Junos OS: QFX10K Series, EX9200 Series, MX Series, PTX Series: Privilege escalation vulner
CVE-2020-1629	5.9 MEDIUM	Junos OS: A race condition vulnerability may cause RPD daemon to crash when processing a B
CVE-2020-1624	5.5 MEDIUM	Junos OS Evolved: objmon logs may leak sensitive information
CVE-2020-1622	5.5 MEDIUM	Junos OS Evolved: EvoSharedObjStore may leak sensitive information
CVE-2020-1623	5.5 MEDIUM	Junos OS Evolved: ev.ops file may leak sensitive information
CVE-2020-1620	5.5 MEDIUM	Junos OS Evolved: Configd leaks hashes via log file and is world readable
CVE-2020-1621	5.5 MEDIUM	Junos OS Evolved: Configd leaks hashes via stream and is world readable
CVE-2020-1628	5.3 MEDIUM	Junos OS: EX4300: Traffic from the network internal to the device (128.0.0.0) may be forwa
CVE-2020-1616	5.3 MEDIUM	JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service.

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

Same weakness: CWE-400

V. Comments for CVE-2020-1625

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-1625— Junos OS: Kernel memory leak in virtual-memory due to interface flaps

I. Basic Information for CVE-2020-1625

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-1625

III. Intelligence Information for CVE-2020-1625

Same Patch Batch · Juniper Networks · 2020-04-08 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-1625

Leave a comment