Resolved Issues

Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash (CVE-2024-47504). PR1821452

MNHA configured SRX Series Firewall device becomes unresponsive post manual reboot. PR1830654

Avira automatic pattern update can stop due to negative update interval issue. PR1792169

Web filtering does not work for HTTPS traffic sent from Google Chrome browser or MS Edge v124. PR1806786

Memory corruption resulting in srxpfe process stops. PR1816280

Packet Forwarding Engine process crash is observed after enabling Sophos Antivirus. PR1841398

In a chassis cluster setup the flowd does not respond and SPC cards will fail. PR1761542

Junos OS: SRX4600, SRX5000 Series: TCP packets with SYN/FIN or SYN/RST are transferred after enabling no-syn-check with Express Path (CVE-2024-39561) PR1776940

TCP sessions might get reset during MNHA traffic failover. PR1782444

The flowd process crash is observed in cluster HA mode when there is a route change. PR1785993

VXLAN session not created after applying the FTI configuration on SRX1600.PR1807339

On SRX5000 series and SRX4600, the setting "apply-to-half-close-state" for TCP sessions is not taking effect. PR1807505

On SRX Series Firewall devices, when using IPv6 Multi-path BGP with MX configured with EVPN, transit SFW traffic experiences packet drops during IPv6 Neighbor discovery refresh. PR1817211

SRX4300:SNP: With 200 Tsys configured only 50 Tsys traffic is working. PR1820258

Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd stops responding (CVE-2024-47503) PR1820291

Deleting Layer 3 VPN VRF group configuration causes unrelated bgp neighbor session termination. PR1821325

AppQoS rate limit in PMI mode on SRX5K and SRX4600 might drop packets unexpectedly. PR1828819

GRE traffic is getting blocked due to a software programming issue and MTU going below minimum value. PR1834338

On SRX5800, SRX4700 and SRX4600 flowd crash is detected during PIM register packet processing. PR1839910

The TSC_DEADLINE disabled error logs are observed on Junos vmhost platforms after upgrade. PR1608045

Multiple J-UKERN core files might be generated during the sanity test. PR1641517

Traffic drops are observed for incorrect destination MAC address learned in the hardware. PR1746684

SNMP jnxLicenseAboutToExpire trap is sent every minute when an alarm "License for feature is about to expire" is raised. PR1777649

We might observe repd core (in the "from" release) during ISSU. There are no functional impacts due to this repd core. PR1797189

AppID failure observed post reboot of a node in redundancy group. PR1800966

The cl interface goes down when the dl interface is disabled for link failover. PR1803966

MVRP registration for dynamically created vlan is not seen. PR1804268

VPN configuration specifically related to Remote -Access on SRX Series Firewalls leads to NSD crash. PR1804882

SRX4600 with SOF is observed to continue sending ipv6 traffic out a downed member link. PR1807541

Traffic drop is seen when "monitor traffic interface" command is issued for an interface on Junos SRX Series Firewalls. PR1808353

CPU utilization of the rpd process stays high on all Junos and Junos OS Evolved platforms. PR1808463

When the same virtual mac is used on multiple interfaces, a packet destined to the virtual mac will be dropped. PR1810428

The LLDP neighborship does not recover on aex. PR1811545

Monitored-Status keeps Up after CTL link down in branch model SRX Series Firewall HA. PR1811858

ISSU functionality breaks in cluster and "security logs" configuration setup. PR1813435

Junos OS: SRX1500,SRX4100,SRX4200: Execution of low-privileged CLI command results in chassisd crash (CVE-2025-21596) PR1814404

False SNMP traps for PSU failure generated on Junos SRX1500 platforms. PR1815083

Junos OS: SRX Series: Low privileged user able to access sensitive information on file system (CVE-2024-39527). PR1815751

IIC access error during commit operation cause false positive alarms in devices. PR1816912

Core file DNSF plug-in observed on SRX Series Firewalls. PR1816951

Routes for secure tunnel interface not installed on forwarding-table on SRX Series Firewalls. PR1817807

The ~root/.ssh directory contents is deleted on every reboot. PR1819054

The 1 G interface might be down after upgradation on SRX4600 platform. PR1819376

RTO traffic loss and accumulation of session on secondary node is observed when RTO traffic not evenly distributed to all FLT (Flow Thread) threads. PR1819911

On SRX300, SRX320, SRX340, SRX345, SRX380 devices upgrade/downgrade from Junos OS 22.4R3 or above versions, might fail. PR1821344

DAC interface does not send fault signal to a peer device when the DAC interface is admin disabled. PR1821368

Junos SRX Series Firewall might boot in amnesiac mode and configuration commit might fail with 'error: Check-out failed for CASB process'. PR1823224

Unable to Define NAT Policy Address Names Containing Dots or Slashes in J-Web. PR1823264

On SRX4600, in rare cases with heavy traffic, the FPGA might drop packets. PR1823577

High CPU utilization by the nsd process observed due to DNS common cache and multiple update handlers. PR1823978

Juniper Secure Connect will not get connected if loopback is configured as external interface. PR1825573

Traffic outages due to memory shortage and core files. PR1826129

Root user does not get logged out from shell. PR1827123

Packet Forwarding Engine core can be seen on SRX Series Firewalls during ISSU. PR1827283

IPsec session will flap if assigned IP for config payload request is given in full IPV6 format. PR1827426

Flowd process stops responding seen on SRX Series Firewall with security metadata streaming enabled and then enabling AAMW traceoptions. PR1828721

The Packet Forwarding Engine crash is observed on SRX Series Firewalls on dynamic-filter configuration. PR1830246

Log messages related to 'gencfg no msg handlers' will be seen on SRX4600 platforms. PR1830290

The IDP security-packages install is throwing 'Attack DB Update Failed' error and AppID stops working. PR1832094

On SRX Series Firewalls, ssh getting timed out over IRB Global Mode switching interface. PR1833746

All SRX Series Firewalls using jexec do not respond to ICMPv6 request to all nodes multicast IP. PR1834135

SRX Series Firewalls default named.conf file is created with non dns-proxy related configuration changes. PR1836235

The offline download of the SRX Series Firewalls IDP signature fails. PR1838853

Traffic loss due to tunnel establishment failure in HA setup. PR1839090

After performing ISSU on SRX4600, the SPM is no longer operational. PR1839346

Xe interfaces link down when IP address is assigned. PR1841080

AAMW or Flow-Based Antivirus does not generate ACTION_LOG message when the malware is detected by URI cache. PR1841999

Split-brain condition will be seen in SRX4600 configured in Chassis Cluster under certain conditions. PR1843413

Unnecessary trace log files related to licenses are generated. PR1845079

SRX1500 will not show jnxOperatingTemp and jnxFruTemp temperature reading for PSU temperature. PR1845407

Auto-re-enrollment for local certificate once fail, not trigger again on SRX Series Firewalls. PR1845573

Security-metadata streaming is impacted due to dynamic-filter issue. PR1845645

Packet drops are observed in the VPLS environment on SRX380 platforms in packet mode. PR1845997

FPC0 will not transition to Online and might generate chassis alarm "FPC 0 Hard errors" in SRX4600 devices deployed in chassis cluster. PR1846340

Core being generated for some processes while using license feature. PR1848160

Local or peer device's interface reflects down after SRX380's reboot. PR1848557

40GbE interfaces on Junos SRX5K cluster will go down after cluster failover. PR1809220

The srxpfe process stops responding seen during heavy traffic processing by IDP. PR1825279

Memory leak will be observed on all SRX Series Firewalls when IDP is configured. PR1826377

Display issue is observed when range option is used to configure destination/source port range in custom application. PR1810991

Reload or refresh the J-Web page showing the "Empty reply from server" error. PR1832731

Application cannot be removed from application-set. PR1834748

Junos OS image upload through J-Web fails on select SRX Series Firewall. PR1837925

Gratuitous ARP Count shows 0 for redundancy group 1+ when the default gratuitous-arp-count value is used. PR1845747

Unable to load J-Web after upgrading SRX Series Firewall when time zone is set to GMT+x or GMT-x. PR1851362

The dfwd core is observed on node1 when performing ISSU upgrade to 23.1 and more. PR1794303

Multiple Products: RADIUS protocol susceptible to forgery attacks (Blast-RADIUS) (CVE-2024-3596) PR1802329

On Junos SRX Series Firewall traffic will be dropped when AppID DB is not installed. PR1821890

Routing Engine and Packet Forwarding Engine policy out of sync with specific configuration. PR1837182

Security flow sessions are impacted during ISSU on SRX Series Firewall. PR1838698

FQDN based security policies will not work as expected when DNS server responds with a non-positive error code or refuse responses. PR1844191

The mgd process crash is observed during large amount of configurations. PR1847877

XML namespace string in rpc-reply tag for system-uptime-information was changed to represent the full version name. PR1842868

Iked core-dump on Active node after clearing ipsec SA. PR1786386

High CPU on SPU might lead to FPC reboot and VPN traffic impact by not failing over to the backup node/ PR1794895

Traffic loss for VPN going down due to inconsistency between the VPN configuration in the iked and the SRG database/ PR1804965

MNHA: Stale IPSEC tunnel in Backup node. PR1805690

IS-IS packets over 1500 bytes sent to L2VPN over MPLS are not being processed. PR1807853

Small memory leak in ikemd process when deleting vpn tunnel. PR1815800

IPsec VPN traffic disruption after a change of Authentication protocol is seen on platforms running kmd process. PR1817228

The srxpfe process will stops responding due to memory buffer corruption if the outgoing interface of the IPsec VPN peer goes down and the default route points to st0. PR1818197