CVE-2026-33782
Received Received - Intake
Memory Leak in Juniper jdhcpd Causes Denial-of-Service

Publication date: 2026-04-09

Last updated on: 2026-04-17

Assigner: Juniper Networks, Inc.

Description
A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service (DoS). In a DHCPv6 over PPPoE, orΒ DHCPv6 over VLANΒ with Active lease query or Bulk lease query scenario, every subscriber logout will leak a small amount of memory. When all available memory has been exhausted, jdhcpd will crash and restart which causes a complete service impact until the process has recovered. The memory usage of jdhcpd can be monitored with: user@host> show system processes extensive | match jdhcpd This issue affects Junos OS: * all versions before 22.4R3-S1, * 23.2 versions before 23.2R2, * 23.4 versions before 23.4R2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-09
Last Modified
2026-04-17
Generated
2026-06-16
AI Q&A
2026-04-10
EPSS Evaluated
2026-06-15
NVD
CVE-2026-33782
EUVD
EUVD-2026-21091
Affected Vendors & Products
Showing 17 associated CPEs
Vendor Product Version / Range
juniper junos 22.4
juniper junos 22.4
juniper junos 22.4
juniper junos 22.4
juniper junos 23.2
juniper junos 22.4
juniper junos 23.2
juniper junos 22.4
juniper junos 22.4
juniper junos 22.4
juniper junos 23.2
juniper junos 23.2
juniper junos 23.4
juniper junos 23.4
juniper junos 23.4
juniper junos 23.4
juniper junos to 22.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a Missing Release of Memory after Effective Lifetime issue in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series devices.

It occurs in DHCPv6 over PPPoE or DHCPv6 over VLAN scenarios with Active lease query or Bulk lease query, where every subscriber logout causes a small memory leak.

Over time, these leaks accumulate until all available memory is exhausted, causing the jdhcpd process to crash and restart.

This results in a complete Denial-of-Service (DoS) until the process recovers.

Impact Analysis

The vulnerability can lead to a complete Denial-of-Service (DoS) on affected Juniper MX Series devices running vulnerable versions of Junos OS.

As memory leaks accumulate with each subscriber logout, the DHCP daemon (jdhcpd) will eventually crash and restart, causing service interruptions.

This can disrupt network services relying on DHCP, potentially affecting connectivity and availability until the process recovers.

Detection Guidance

The memory usage of the DHCP daemon (jdhcpd) can be monitored to detect this vulnerability.

  • Use the command: show system processes extensive | match jdhcpd

Monitoring the memory usage of jdhcpd over time can help identify a memory leak caused by this vulnerability.

Mitigation Strategies

To mitigate the Missing Release of Memory vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS, you should monitor the memory usage of the jdhcpd process closely.

You can monitor memory usage with the command: show system processes extensive | match jdhcpd.

Additionally, upgrade Junos OS to a fixed version that addresses this issue. The affected versions are all versions before 22.4R3-S1, 23.2 versions before 23.2R2, and 23.4 versions before 23.4R2.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33782. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart