Memory Leak DoS in Juniper Junos OS rpd before 23.2R2 IS-IS Neighbor
CVE-2026-21909 Published on January 15, 2026
Junos OS and Junos OS Evolved: Receipt of specific IS-IS update packet causes memory leak leading to RPD crash
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker controlling an adjacent IS-IS neighbor to send a specific update packet causing a memory leak. Continued receipt and processing of these packets will exhaust all available memory, crashing rpd and creating a Denial of Service (DoS) condition.
Memory usage can be monitored through the use of the 'show task memory detail' command. For example:
user@junos> show task memory detail | match ted-infra
TED-INFRA-COOKIE 25 1072 28 1184 229
user@junos> show task memory detail | match ted-infra
TED-INFRA-COOKIE 31 1360 34 1472 307
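The monitoring step above can be automated by comparing successive captures of the command output. The following is an added example, not Juniper's or this page's code: it parses the TED-INFRA-COOKIE rows and flags sustained growth. It assumes the first two numeric columns are the live allocation count and byte total (the page does not label the columns); the function names and the "steady" sample are constructed for illustration.

```python
import re

# A counter row as printed on this page: NAME followed by integer columns.
ROW = re.compile(r"^\s*(?P<name>[A-Z][A-Z0-9-]*)((?:\s+\d+)+)\s*$")

def parse_rows(cli_text, counter="TED-INFRA-COOKIE"):
    """Return one tuple of ints per matching row, in capture order."""
    rows = []
    for line in cli_text.splitlines():
        m = ROW.match(line)  # prompt lines such as 'user@junos> ...' do not match
        if m and m.group("name") == counter:
            rows.append(tuple(int(v) for v in m.group(2).split()))
    return rows

def leak_suspected(rows, min_samples=2):
    """True when columns 0 and 1 rise strictly between every pair of samples.

    Assumption: columns 0 and 1 are the live allocation count and byte total.
    A counter that falls back between samples is normal churn, not a leak.
    """
    if len(rows) < max(2, min_samples):
        return False  # a single capture cannot show a trend
    return all(b[0] > a[0] and b[1] > a[1] for a, b in zip(rows, rows[1:]))

def growth(rows):
    """Per-column delta between the first and last sample."""
    return tuple(l - f for f, l in zip(rows[0], rows[-1])) if len(rows) >= 2 else ()

# The two captures shown in the advisory text above.
ADVISORY_CAPTURE = """\
user@junos> show task memory detail | match ted-infra
TED-INFRA-COOKIE 25 1072 28 1184 229
user@junos> show task memory detail | match ted-infra
TED-INFRA-COOKIE 31 1360 34 1472 307
"""

# Constructed sample: the counter rises, then returns to its earlier value.
CONSTRUCTED_STEADY = """\
TED-INFRA-COOKIE 25 1072 28 1184 229
TED-INFRA-COOKIE 27 1168 28 1184 240
TED-INFRA-COOKIE 25 1072 28 1184 251
"""

if __name__ == "__main__":
    for label, text in (("advisory", ADVISORY_CAPTURE), ("steady", CONSTRUCTED_STEADY)):
        rows = parse_rows(text)
        print(label, "leak suspected:", leak_suspected(rows), "delta:", growth(rows))
```

Two captures are enough to show the check, but raising min_samples and spacing captures over a longer interval reduces false positives from ordinary topology churn.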
This issue affects:
Junos OS:
* from 23.2 before 23.2R2,
* from 23.4 before 23.4R1-S2, 23.4R2,
* from 24.1 before 24.1R2;
Junos OS Evolved:
* from 23.2 before 23.2R2-EVO,
* from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO,
* from 24.1 before 24.1R2-EVO.
This issue does not affect Junos OS versions before 23.2R1 or Junos OS Evolved versions before 23.2R1-EVO.
Vulnerability Analysis
Weakness Type
What is a Memory Leak Vulnerability?
The software does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory. This is often triggered by improper handling of malformed data or unexpectedly interrupted sessions. In some languages, developers are responsible for tracking memory allocation and releasing the memory. If there are no more pointers or references to the memory, then it can no longer be tracked and identified for release.
CVE-2026-21909 has been classified as a Memory Leak vulnerability or weakness.
Products Associated with CVE-2026-21909
Affected Versions
Juniper Networks Junos OS:
- Versions from 23.2 before 23.2R2 are affected.
- Versions from 23.4 before 23.4R1-S2, 23.4R2 are affected.
- Versions from 24.1 before 24.1R2 are affected.
- Versions before 23.2R1 are unaffected.
Juniper Networks Junos OS Evolved:
- Versions from 23.2 before 23.2R2-EVO are affected.
- Versions from 23.4 before 23.4R1-S2-EVO, 23.4R2-EVO are affected.
- Versions from 24.1 before 24.1R2-EVO are affected.
- Versions before 23.2R1-EVO are unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.