CVE-2026-21921
Gravedad CVSS v4.0:
ALTA
Tipo:
CWE-416
Utilización después de liberación
Fecha de publicación:
15/01/2026
Última modificación:
15/01/2026
Descripción
*** Pendiente de traducción *** A Use After Free vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker authenticated with low privileges to cause a Denial-of-Service (DoS).<br />
<br />
When telemetry collectors are frequently subscribing and unsubscribing to sensors continuously over a long period of time, telemetry-capable processes like chassisd, rpd or mib2d will crash and restart, which - depending on the process - can cause a complete outage until the system has recovered.<br />
<br />
This issue affects:<br />
<br />
Junos OS: <br />
<br />
<br />
<br />
* all versions before 22.4R3-S8,<br />
* 23.2 versions before 23.2R2-S5,<br />
* 23.4 versions before 23.4R2;<br />
<br />
<br />
<br />
<br />
Junos OS Evolved:<br />
<br />
<br />
<br />
* all versions before 22.4R3-S8-EVO,<br />
* 23.2 versions before 23.2R2-S5-EVO,<br />
* 23.4 versions before 23.4R2-EVO.
Impacto
Puntuación base 4.0
7.10
Gravedad 4.0
ALTA
Puntuación base 3.x
6.50
Gravedad 3.x
MEDIA