On Juniper Networks SRX Series devices with link aggregation (lag) configured, executing any operation that fetches Aggregated Ethernet (AE) interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic will be impacted and a reboot might be required. The following log can be seen if this issue happens. /kernel: rt_pfe_veto: Memory over consumed. Op 1 err 12, rtsm_id 0:-1, msg type 72 /kernel: rt_pfe_veto: free kmem_map memory = (20770816) curproc = kmd An administrator can use the following CLI command to monitor the status of memory consumption (ifstat bucket): user@device > show system virtual-memory no-forwarding | match ifstat Type InUse MemUse HighUse Limit Requests Limit Size(s) ifstat 2588977 162708K - 19633958 <<<< user@device > show system virtual-memory no-forwarding | match ifstat Type InUse MemUse HighUse Limit Requests Limit Size(s) ifstat 3021629 189749K - 22914415 <<<< This issue affects Juniper Networks Junos OS on SRX Series: 17.1 versions 17.1R3 and above prior to 17.3R3-S11.

17.4 versions prior to 17.4R3-S5.

18.2 versions prior to 18.2R3-S7, 18.2R3-S8.

18.3 versions prior to 18.3R3-S4.

18.4 versions prior to 18.4R2-S7, 18.4R3-S6.

19.1 versions prior to 19.1R3-S4.

19.2 versions prior to 19.2R1-S6.

19.3 versions prior to 19.3R3-S1.

19.4 versions prior to 19.4R3-S1.

20.1 versions prior to 20.1R2, 20.1R3.

20.2 versions prior to 20.2R2-S2, 20.2R3.

20.3 versions prior to 20.3R1-S2, 20.3R2. This issue does not affect Juniper Networks Junos OS prior to 17.1R3.