CVE-2026-21905

Summary

A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the SIP application layer gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow management process, leading to a Denial of Service (DoS).

On SRX Series, and MX Series with MX-SPC3 or MS-MPC service cards, receipt of multiple SIP messages causes the SIP headers to be parsed incorrectly, eventually causing a continuous loop and leading to a watchdog timer expiration, crashing the flowd process on SRX Series and MX Series with MX-SPC3, or mspmand process on MX Series with MS-MPC.

This issue only occurs over TCP. SIP messages sent over UDP cannot trigger this issue.

This issue affects Junos OS on SRX Series and MX Series with MX-SPC3 and MS-MPC:

  • all versions before 21.2R3-S10, 
  • from 21.4 before 21.4R3-S12, 
  • from 22.4 before 22.4R3-S8, 
  • from 23.2 before 23.2R2-S5, 
  • from 23.4 before 23.4R2-S6, 
  • from 24.2 before 24.2R2-S3, 
  • from 24.4 before 24.4R2-S1, 
  • from 25.2 before 25.2R1-S1, 25.2R2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS0 < 21.2R3-S10affected
Juniper NetworksJunos OS21.4 < 21.4R3-S12affected
Juniper NetworksJunos OS22.4 < 22.4R3-S8affected
Juniper NetworksJunos OS23.2 < 23.2R2-S5affected
Juniper NetworksJunos OS23.4 < 23.4R2-S6affected
Juniper NetworksJunos OS24.2 < 24.2R2-S3affected
Juniper NetworksJunos OS24.4 < 24.4R2-S1affected
Juniper NetworksJunos OS25.2 < 25.2R1-S1, 25.2R2affected

Weaknesses

  • CWE-835: CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

Workarounds

Where practical, use a firewall filter to limit SIP traffic over TCP.

Alternately, if the SIP ALG is not required, it can be explicitly disabled on SRX Series and MX Series with MX-SPC3 via:

set security alg sip disable

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References