CVE-2026-57030

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). As part of the stateful traffic processing on SRX Series devices flows are being established, and removed when not needed anymore. During the removal process the timeout of a flow should be set to 3 seconds and consequentially the flow should be removed shortly after. Due to a race condition occurring when setting the timeout there is a chance (the exact conditions are outside the attackers control) that the timeout is instead set to a very high value of larger than 10,000 seconds: user@host> show security flow session | match timeout Session ID: 98784248524, Policy name: PROD-FLOW/4, HA State: Active, Timeout: 85250, Session State: Valid This will lead to an accumulation of flows which can be observed by an ever-increasing value of invalidated sessions in the output of 'show security flow session summary': user@host> show security flow session summary | match invalid Invalidated sessions: 216931These sessions can't be cleared manually with the 'clear security flow session' command, which will either lead to forwarding to stop (and the system needs to be manually recovered with a reboot) or to a flowd core and automatic reboot. This issue affects Junos OS on SRX Series: * 24.2 versions before 24.2R2-S3, * 24.4 versions before 24.4R2-S1, 24.4R2-S2, * 25.2 versions before 25.2R1-S2, 25.2R2. This issue does not affect releases earlier than 24.2R1;
References
Link Resource
https://supportportal.juniper.net/JSA110090 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:25.2:r1-s1:*:*:*:*:*:*
OR cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx400:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4120:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx440:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*

History

13 Jul 2026, 20:16

Type Values Removed Values Added
CPE cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4700:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4120:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:25.2:r1-s1:*:*:*:*:*:*
cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:25.2:r1:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1-s3:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:-:*:*:*:*:*:*
cpe:2.3:h:juniper:srx1600:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:-:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1:*:*:*:*:*:*
cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:25.2:-:*:*:*:*:*:*
cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx2300:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx400:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r1-s2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.4:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2-s2:*:*:*:*:*:*
cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*
cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r1-s1:*:*:*:*:*:*
cpe:2.3:h:juniper:srx440:-:*:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2:*:*:*:*:*:*
cpe:2.3:o:juniper:junos:24.2:r2-s1:*:*:*:*:*:*
References () https://supportportal.juniper.net/JSA110090 - () https://supportportal.juniper.net/JSA110090 - Vendor Advisory
First Time Juniper srx4100
Juniper srx4200
Juniper srx4700
Juniper srx4600
Juniper
Juniper srx5800
Juniper srx400
Juniper srx1600
Juniper srx4120
Juniper srx5600
Juniper junos
Juniper srx4300
Juniper srx5400
Juniper srx1500
Juniper srx345
Juniper srx320
Juniper srx2300
Juniper srx380
Juniper srx300
Juniper srx440
Juniper srx340

09 Jul 2026, 22:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-09 22:17

Updated : 2026-07-13 20:16


NVD link : CVE-2026-57030

Mitre link : CVE-2026-57030

CVE.ORG link : CVE-2026-57030


JSON object : View

Products Affected

juniper

  • srx4600
  • srx1500
  • srx320
  • srx4200
  • srx4120
  • srx2300
  • srx340
  • junos
  • srx400
  • srx380
  • srx345
  • srx4100
  • srx4300
  • srx5600
  • srx300
  • srx440
  • srx4700
  • srx5800
  • srx5400
  • srx1600
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')