CVE-2026-21911

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 21.4R3-S7-EVO Juniper Networks Junos OS Evolved versions 22.2 through 22.2R3-S4-EVO Juniper Networks Junos OS Evolved versions 22.3 through 22.3R3-S3-EVO Juniper Networks Junos OS Evolved versions 22.4 through 22.4R3-S2-EVO Juniper Networks Junos OS Evolved versions 23.2 through 23.2R2-S1-EVO Juniper Networks Junos OS Evolved versions 23.4 through 23.4R1-S2-EVO and 23.4R2-EVO

Description An incorrect calculation issue in the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-adjacent attacker to disrupt MAC learning over label-switched interfaces (LSI) by flapping the management interface. This disruption causes a flood of logs and high CPU usage. The log message 'op:1 flag:0x6 mac:xx:xx:xx:xx:xx:xx bd:2 ifl:13302 reason:0(REASON NONE) i-op:6(INTRNL OP HW FORCE DELETE) status:10 lstatus:10 err:26(GETIFBD VALIDATE FAILED) err-reason 4(IFBD VALIDATE FAIL EPOCH MISMATCH) hw wr:0x4 ctxsync:0 fwdsync:0 rtt-id:51 p ifl:0 fwd nh:0 svlbnh:0 event:- smask:0x100000000 dmask:0x0 mplsmask 0x1 act:0x5800 extf:0x0 pfe-id 0 hw-notif-ifl 13302 programmed-ifl 4294967295 pseudo-vtep underlay-ifl-idx 0 stack:GET MAC, ALLOCATE MAC, GET IFL, GET IFF, GET IFBD, STOP' will be generated when the issue is observed.

Recommendations Update to Junos OS Evolved version 21.4R3-S7-EVO or later. Update to Junos OS Evolved version 22.2R3-S4-EVO or later. Update to Junos OS Evolved version 22.3R3-S3-EVO or later. Update to Junos OS Evolved version 22.4R3-S2-EVO or later. Update to Junos OS Evolved version 23.2R2-S1-EVO or later. Update to Junos OS Evolved version 23.4R1-S2-EVO or 23.4R2-EVO or later.