Juniper Junos OS SRX系列CVE-2026-21906漏洞公告

Key Vulnerability Information Title: 2026-01 Security Bulletin: Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICMP packet causes the PFE to crash (CVE-2026-21906) Affected Product: All versions of Junos OS on SRX Series. Severity: High CVSS Scores: - CVSS v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) - CVSS v4.0: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/AU:YR:A/V:C/RE:M/U:Red) Problem: An unauthenticated network-based attacker can send a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart, requiring GRE performance acceleration and PowerMode IPsec (PMI) to be enabled. Solution: Upgrade to Junos OS 21.4R3-S12, 22.4R3-S8, 23.2R2-S5, 23.4R2-S5, 24.2R2-S3, 24.4R2-S1, 25.2R1-S1, 25.2R2, 25.4R1, or any subsequent releases. Workaround: Disable GRE performance acceleration via 'deactivate security flow gre-performance-acceleration' or disable PMI via 'set security flow power-mode-disable'.

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Juniper Junos OS SRX系列CVE-2026-21906漏洞公告

目标达成感谢每一位支持者 — 我们达成了 100% 目标！