Juniper Junos OS SRX GTP Plugin - Improper Locking DoS (<=25.2R2)
CVE-2026-21914 Published on January 15, 2026
Junos OS: SRX Series: A specifically malformed GTP message will cause an FPC crash
An Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (Dos).
If an SRX Series device receives a specifically malformed GPRS Tunnelling Protocol (GTP) Modify Bearer Request message, a lock is acquired and never released. This results in other threads not being able to acquire a lock themselves, causing a watchdog timeout leading to FPC crash and restart. This issue leads to a complete traffic outage until the device has automatically recovered.
This issue affects Junos OS on SRX Series:
* all versions before 22.4R3-S8,
* 23.2 versions before 23.2R2-S5,
* 23.4 versions before 23.4R2-S6,
* 24.2 versions before 24.2R2-S3,
* 24.4 versions before 24.4R2-S2,
* 25.2 versions before 25.2R1-S1, 25.2R2.
Vulnerability Analysis
CVE-2026-21914 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
Improper Locking
The software does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
Products Associated with CVE-2026-21914
Want to know whenever a new CVE is published for Juniper Networks Junos? stack.watch will email you.
Affected Versions
Juniper Networks Junos OS:- Before 22.4R3-S8 is affected.
- Version 23.2 and below 23.2R2-S5 is affected.
- Version 23.4 and below 23.4R2-S6 is affected.
- Version 24.2 and below 24.2R2-S3 is affected.
- Version 24.4 and below 24.4R2-S2 is affected.
- Version 25.2 and below 25.2R1-S1, 25.2R2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.