Juniper Junos OS: 2026-01 Security Bulletin: Junos OS: SRX Series, MX Series with MX-SPC3 or MS-MPC: Receipt of multiple specific SIP messages results in flow management process crash (JSA106004) (CVE-2026-21905)

A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the SIP application layer gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow management process, leading to a Denial of Service (DoS).On SRX Series, and MX Series with MX-SPC3 or MS-MPC service cards, receipt of multiple SIP messages causes the SIP headers to be parsed incorrectly, eventually causing a continuous loop and leading to a watchdog timer expiration, crashing the flowd process on SRX Series and MX Series with MX-SPC3, or mspmand process on MX Series with MS-MPC.This issue only occurs over TCP. SIP messages sent over UDP cannot trigger this issue.