CVE-2026-21919

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 23.4R2-S4 Juniper Networks Junos OS versions prior to 24.2R2-S1 Juniper Networks Junos OS versions prior to 24.4R1-S3, 24.4R2 Juniper Networks Junos OS Evolved versions prior to 23.4R2-S5-EVO Juniper Networks Junos OS Evolved versions prior to 24.2R2-S1-EVO Juniper Networks Junos OS Evolved versions prior to 24.4R1-S3-EVO, 24.4R2-EVO

Description An incorrect synchronization issue in the management daemon (mgd) can lead to a Denial-of-Service (DoS) of the management plane. Rapid establishment and disconnection of NETCONF sessions can cause mgd processes to hang in a locked state. When the maximum number of mgd processes is reached, new logins become impossible, preventing device management and requiring a power cycle for recovery. The issue can be identified by checking for mgd processes in 'lockf' state using the 'show system processes extensive' command. Affected devices can be monitored by checking for mgd processes in lockf state in the output of 'show system processes extensive'.

Recommendations Update Junos OS to version 23.4R2-S4 or later. Update Junos OS to version 24.2R2-S1 or later. Update Junos OS to version 24.4R1-S3 or 24.4R2 or later. Update Junos OS Evolved to version 23.4R2-S5-EVO or later. Update Junos OS Evolved to version 24.2R2-S1-EVO or later. Update Junos OS Evolved to version 24.4R1-S3-EVO or 24.4R2-EVO or later.