CVE-2026-21920
An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).
If an SRX Series device configured for DNS processing, receives a specifically formatted DNS request flowd will crash and restart, which causes a service interruption until the process has recovered.
This issue affects Junos OS on SRX Series:
- 23.4 versions before 23.4R2-S5,
- 24.2 versions before 24.2R2-S1,
- 24.4 versions before 24.4R2.
This issue does not affect Junos OS versions before 23.4R1.
| Software | From | Fixed in |
|---|---|---|
| juniper / junos | 23.4 | 23.4.x |
| juniper / junos | 23.4-r1 | 23.4-r1.x |
| juniper / junos | 23.4-r1-s1 | 23.4-r1-s1.x |
| juniper / junos | 23.4-r1-s2 | 23.4-r1-s2.x |
| juniper / junos | 23.4-r2 | 23.4-r2.x |
| juniper / junos | 23.4-r2-s1 | 23.4-r2-s1.x |
| juniper / junos | 23.4-r2-s2 | 23.4-r2-s2.x |
| juniper / junos | 23.4-r2-s3 | 23.4-r2-s3.x |
| juniper / junos | 23.4-r2-s4 | 23.4-r2-s4.x |
| juniper / junos | 24.2 | 24.2.x |
| juniper / junos | 24.2-r1 | 24.2-r1.x |
| juniper / junos | 24.2-r1-s1 | 24.2-r1-s1.x |
| juniper / junos | 24.2-r1-s2 | 24.2-r1-s2.x |
| juniper / junos | 24.2-r2 | 24.2-r2.x |
| juniper / junos | 24.4 | 24.4.x |
| juniper / junos | 24.4-r1 | 24.4-r1.x |
| juniper / junos | 24.4-r1-s2 | 24.4-r1-s2.x |
| juniper / junos | 24.4-r1-s3 | 24.4-r1-s3.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime