A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS).

In a subscriber management scenario, login/logout activity triggers a memory leak, and the leaked memory gradually increments and eventually results in a crash. 
   
           user@host> show chassis fpc
                                       Temp    CPU Utilization (%)   CPU Utilization (%)   Memory      Utilization (%)
                      Slot State       (C)     Total   Interrupt      1min   5min  15min    DRAM (MB)  Heap     Buffer

                      2  Online         36        10          0          9      8      9         32768       26          0
                                                                                                     

This issue affects Junos OS on MX Series: 
  *  All versions before 21.2R3-S9
  *  from 21.4 before 21.4R3-S10
  *  from 22.2 before 22.2R3-S6
  *  from 22.4 before 22.4R3-S5
  *  from 23.2 before 23.2R2-S3
  *  from 23.4 before 23.4R2-S3
  *  from 24.2 before 24.2R2.

AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-401

https://supportportal.juniper.net/JSA96457