PT-2026-3126 · Juniper Networks+1 · Junos On Mx10K Series+2
Published: 2026-01-15 · Updated: 2026-01-15
CVE-2026-21912
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS on MX10k Series versions prior to 21.2R3-S10
Juniper Networks Junos OS on MX10k Series versions 21.4 before 21.4R3-S9
Juniper Networks Junos OS on MX10k Series versions 22.2 before 22.2R3-S7
Juniper Networks Junos OS on MX10k Series versions 22.4 before 22.4R3-S6
Juniper Networks Junos OS on MX10k Series versions 23.2 before 23.2R2-S2
Juniper Networks Junos OS on MX10k Series versions 23.4 before 23.4R2-S3
Juniper Networks Junos OS on MX10k Series version 24.2 before 24.2R2
Description
A Time-of-check Time-of-use (TOCTOU) race condition exists in the method used to collect FPC Ethernet firmware statistics. This affects MX10k Series devices. A local attacker with low privileges, executing the 'show system firmware' command-line interface (CLI) command, can cause an LC480 or LC2101 line card to reset. Repeated execution of the 'show system firmware' CLI command can lead to a line card crash and restart. Following the line card crash, the chassisd process may also crash and restart, generating a core dump.
Recommendations
Versions prior to 21.2R3-S10 should be updated.
Versions 21.4 before 21.4R3-S9 should be updated.
Versions 22.2 before 22.2R3-S7 should be updated.
Versions 22.4 before 22.4R3-S6 should be updated.
Versions 23.2 before 23.2R2-S2 should be updated.
Versions 23.4 before 23.4R2-S3 should be updated.
Version 24.2 before 24.2R2 should be updated.
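To triage an inventory against the version list above, the following added example (not code from the vendor or from this advisory) classifies a Junos version string per release train. It assumes the version layout `<major>.<minor>R<release>[-S<service>][.<build>]`; the host names and sample versions are constructed, and the check does not verify that a chassis is an MX10k with an LC480 or LC2101 line card.

```python
import re

# Fixed release per train, copied from the advisory: train -> (R, S).
FIXED = {
    (21, 2): (3, 10), (21, 4): (3, 9), (22, 2): (3, 7), (22, 4): (3, 6),
    (23, 2): (2, 2), (23, 4): (2, 3), (24, 2): (2, 0),
}
OLDEST = min(FIXED)  # anything on a train before 21.2 predates 21.2R3-S10

# Assumed layout: <major>.<minor>R<release>[-S<service>][.<build>]
VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def parse_junos(version):
    """Split a version string into (train, release) tuples for comparison."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    major, minor, rel, svc = (int(g) if g else 0 for g in m.groups())
    return (major, minor), (rel, svc)


def triage(version):
    """Return 'affected', 'fixed', or 'not-listed' for one version string."""
    train, release = parse_junos(version)
    if train < OLDEST:
        return "affected"
    if train not in FIXED:
        return "not-listed"  # the advisory names no fixed release for this train
    return "affected" if release < FIXED[train] else "fixed"


def triage_inventory(inventory):
    """Classify every host; strings that do not parse are flagged, not dropped."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = triage(version)
        except ValueError:
            result[host] = "unparsed"
    return result


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE = {"mx10k-a": "21.4R3-S8", "mx10k-b": "21.4R3-S9.5",
          "mx10k-c": "24.2R1-S2", "mx10k-d": "22.3R3", "mx10k-e": "n/a"}

if __name__ == "__main__":
    for host, state in triage_inventory(SAMPLE).items():
        print(f"{host}: {SAMPLE[host]} -> {state}")
```

Hosts reported as `not-listed` or `unparsed` need a manual check against the vendor bulletin, since the list above does not cover their release train or version format.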
Fix
Time Of Check To Time Of Use
Affected Products
Junos On Mx10K Series
Lc2101 Line Card
Lc480 Line Card