PT-2026-3128 · Juniper Networks · Junos Srx Series+1

Published: 2026-01-14 · Updated: 2026-01-16 · CVE-2026-21914

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS on SRX Series versions prior to 22.4R3-S8
Juniper Networks Junos OS on SRX Series versions 23.2 before 23.2R2-S5
Juniper Networks Junos OS on SRX Series versions 23.4 before 23.4R2-S6
Juniper Networks Junos OS on SRX Series versions 24.2 before 24.2R2-S3
Juniper Networks Junos OS on SRX Series versions 24.4 before 24.4R2-S2
Juniper Networks Junos OS on SRX Series versions 25.2 before 25.2R1-S1 and 25.2R2

Description

An Improper Locking issue exists in the GTP plugin of Juniper Networks Junos OS on SRX Series. An unauthenticated, network-based attacker can cause a Denial-of-Service (DoS) by sending a specifically crafted GPRS Tunnelling Protocol (GTP) Modify Bearer Request message. This message causes a lock to be acquired and not released, preventing other threads from acquiring the lock, leading to a watchdog timeout, FPC crash, and restart. This results in a complete traffic outage until the device recovers.

Recommendations

Upgrade to Junos OS version 22.4R3-S8 or later.
Upgrade to Junos OS version 23.2R2-S5 or later.
Upgrade to Junos OS version 23.4R2-S6 or later.
Upgrade to Junos OS version 24.2R2-S3 or later.
Upgrade to Junos OS version 24.4R2-S2 or later.
Upgrade to Junos OS version 25.2R1-S1 or later.
Upgrade to Junos OS version 25.2R2 or later.
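
To triage an SRX inventory against the version list above, the following added example (not part of the original advisory or any Juniper tooling) classifies a Junos release string as affected, fixed or unlisted. It assumes release strings of the form <major>.<minor>R<n>[-S<m>][.<build>]; the names FIRST_FIXED, parse_release and classify, and the sample hosts, are made up for the example.

```python
import re

# First fixed release per train, taken from the advisory's version list.
# 25.2R2 is also listed as fixed; it sorts after 25.2R1-S1, so one entry covers both.
FIRST_FIXED = {
    "22.4": "22.4R3-S8",
    "23.2": "23.2R2-S5",
    "23.4": "23.4R2-S6",
    "24.2": "24.2R2-S3",
    "24.4": "24.4R2-S2",
    "25.2": "25.2R1-S1",
}

# Assumed release-string shape: <major>.<minor>R<n>[-S<m>][.<build>]
_RELEASE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")

def parse_release(release):
    """'23.4R2-S5.3' -> (23, 4, 2, 5). No -S level counts as 0; build suffix is ignored."""
    m = _RELEASE.match(release.strip())
    if m is None:
        raise ValueError(f"unrecognised Junos release string: {release!r}")
    return tuple(int(g or 0) for g in m.groups())

def classify(release):
    """Return 'affected', 'fixed' or 'unlisted' for one SRX release string."""
    ver = parse_release(release)
    # "versions prior to 22.4R3-S8" covers every older train as well.
    if ver < parse_release(FIRST_FIXED["22.4"]):
        return "affected"
    train = f"{ver[0]}.{ver[1]}"
    if train not in FIRST_FIXED:
        return "unlisted"  # train not named in the advisory: check the vendor bulletin
    return "affected" if ver < parse_release(FIRST_FIXED[train]) else "fixed"

if __name__ == "__main__":
    # Constructed inventory (hostnames and releases are made up for the example).
    inventory = {"srx-edge-1": "23.4R2-S5.3", "srx-edge-2": "24.2R2-S3", "srx-lab": "21.4R3-S9"}
    for host, release in inventory.items():
        print(f"{host:12} {release:14} {classify(release)}")
```

A release on a train the advisory does not name (for example 23.1) is reported as unlisted rather than guessed at.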

Fix

Weakness Enumeration

Improper Locking

Related Identifiers

BDU:2026-00585
CVE-2026-21914

Affected Products

Gtp Plugin
Junos Srx Series