Race condition in Junos OS - CVE-2026-57030
Published: July 8, 2026
Junos OS
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a race condition in the packet forwarding engine (PFE) when removing flow sessions during stateful traffic processing. A remote attacker can send network traffic to cause a denial of service.
The issue can cause flow sessions to remain with unexpectedly large timeout values, leading to accumulation of invalidated sessions; under some conditions forwarding stops and manual recovery with a reboot may be required, or flowd may core and trigger an automatic reboot.