Junos OS EX4100/EX4400 PFE Memory Leak DoS via sFlow VC (pre23.4/24.4)
CVE-2026-57027 Published on July 9, 2026
Junos OS: EX4100 Series, EX4400: With sFlow configured in a VC scenario multicast traffic leads to an FPC crash
A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series devices allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).When sFlow is configured in a Virtual Chassis (VC) scenario with EX4100 Series or EX4400 Series devices, multicast traffic which is received on one VC member and sent out on another member leads to a memory leak and ultimately an FPC crash and restart.
The leak can be monitored by watching the continuous increase of the buffer values in the output of:
user@host> show chassis fpc
This issue affects Junos OS on EX4100 Series and EX4400:
* all versions before 23.2R2-S7,
* 23.4 versions before 23.4R2-S7,
* 24.2 versions before 24.2R2-S4,
* 24.4 versions before 24.4R2.
Vulnerability Analysis
Weakness Type
What is a Memory Leak Vulnerability?
The software does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory. This is often triggered by improper handling of malformed data or unexpectedly interrupted sessions. In some languages, developers are responsible for tracking memory allocation and releasing the memory. If there are no more pointers or references to the memory, then it can no longer be tracked and identified for release.
CVE-2026-57027 has been classified to as a Memory Leak vulnerability or weakness.
Products Associated with CVE-2026-57027
Want to know whenever a new CVE is published for Juniper Networks Junos? stack.watch will email you.
Affected Versions
Juniper Networks Junos OS:- Before 23.2R2-S7 is affected.
- Version 23.4 and below 23.4R2-S7 is affected.
- Version 24.2 and below 24.2R2-S4 is affected.
- Version 24.4 and below 24.4R2 is affected.