Resolved Issues

The flowd process might stop on HA and MNHA mode with H.323 ALG configured. PR1804025

Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash (CVE-2024-47504). PR1821452

MNHA configured SRX Series Firewall becomes unresponsive post manual reboot. PR1830654

Memory corruption resulting in srxpfe process stops. PR1816280

Packet Forwarding Engine process continuously cores after enabling Sophos Antivirus and large sizes from 10 MB and above are processed. PR1841398

The flowd process might stop in cluster HA mode when there is a route change. PR1785993

On SRX5000 line of devices and SRX4600, the setting apply-to-half-close-state for TCP sessions is not taking effect. PR1807505

On SRX Series Firewall, when using IPv6 Multi-path BGP with MX configured with EVPN, transit SFW traffic experiences packet drops during IPv6 Neighbor discovery refresh. PR1817211

On SRX4300 with 200 tenant system configured only 50 tenant system traffic is working. PR1820258

Junos OS: SRX4600 and SRX5000 Series: Sequence of specific PIM packets causes a flowd crash (CVE-2024-47503). PR1820291

Deleting L3 VPN vrf-group configuration causes unrelated bgp neighbor session termination. PR1821325

AppQoS rate limit in PMI mode on SRX5000 line of devices and SRX4600 might drop packets unexpectedly. PR1828819

A few line cards will be stuck in the present state and later go offline. PR1631579

Tail drops on high priority queue or egress traffic less than maximum capacity when congestion. PR1712964

Traffic drops are observed for incorrect destination MAC address learned in the hardware. PR1746684

SNMP jnxLicenseAboutToExpire trap is sent every minute when an alarm license for feature name is about to expire is raised. PR1777649

AppID failure observed post reboot of a node in redundancy group. PR1800966

The cl interface goes down when the dl interface is disabled for link failover. PR1803966

MVRP registration for dynamically created VLAN is not seen. PR1804268

SRX4600 with SOF is observed to continue sending IPv6 traffic out a downed member link. PR1807541

Traffic drop is seen when monitor traffic interface command is issued for an interface. PR1808353

CPU utilization of the rpd process is high. PR1808463

NSD file handles incrementing consistently in database file causing a rare condition of ssh access failure. PR1810310

When the same virtual mac is used on multiple interfaces, a packet destined to the virtual mac will be dropped PR1810428

The LLDP neighborship does not recover on aex. PR1811545

Monitored status keeps up after CTL link down. PR1811858

Batch commit might not working in HA. PR1813367

ISSU functionality breaks in cluster and security logs configuration setup. PR1813435

Junos OS: SRX1500,SRX4100,SRX4200: Execution of low-privileged CLI command results in chassisd crash (CVE-2025-21596). PR1814404

False SNMP traps for PSU failure generated on Junos SRX1500 Series Firewall. PR1815083

Junos OS: SRX Series: Low privileged user able to access sensitive information about file system (CVE-2024-39527). PR1815751

IIC access error during commit operation cause false positive alarms in devices. PR1816912

Routes for secure tunnel interface not installed on forwarding table. PR1817807

Configurations commit fails due to mustd process stops. PR1818692

The ~root/.ssh directory contents is deleted on every reboot. PR1819054

On SRX4700, the LLMD support is enhanced. PR1819096

The 1 G interface might be down after upgradation on SRX4600. PR1819376

DAC interface does not send fault signal to a peer device when the DAC interface is admin disabled. PR1821368

Device might boot in amnesiac mode and configuration commit might fail with error: Check-out failed for CASB process. PR1823224

Unable to define NAT policy address names containing dots or slashes in J-Web. PR1823264

High CPU utilization by the nsd process observed due to DNS common cache and multiple update handlers. PR1823978

Juniper Secure Connect will not get connected if loopback is configured as external interface. PR1825573

Traffic outages due to memory shortage and core files. PR1826129

Packet Forwarding Engine might generate core files during ISSU. PR1827283

IPsec session will flap if assigned IP for config payload request is given in full IPv6 format. PR1827426

Flowd process might generate core files when security metadata streaming enabled and then enabling AAMW traceoptions. PR1828721

The Packet Forwarding Engine might stop on dynamic-filter configuration. PR1830246

Log messages related to gencfg no msg handlers' will be seen on SRX4600. PR1830290

SSH getting timed out over IRB Global Mode switching interface. PR1833746

The jexec process might not respond to ICMPv6 request to all nodes multicast IP. PR1834135

The h2c upgrade header is removed even though SRX Series Firewall configured with disables upgrade strip. PR1835733

SRX Series Firewalls default named.conf file is created with non dns-proxy related configuration changes. PR1836235

Device alarm implementation for secondary disk boot on SRX2300, SRX4300, and SRX4700 Series Firewall. PR1838746

The offline download of the IDP signature fails. PR1838853

Traffic loss due to tunnel establishment failure in HA setup. PR1839090

After performing ISSU on SRX4600, the SPM is no longer operational. PR1839346

The srxpfe process might stop when the BFD interval is configured to less than 2 seconds in the MNHA. PR1840872

The xe interfaces link down when IP address is assigned. PR1841080

AAMW or flow based antivirus does not generate ACTION_LOG message when the malware is detected by URI cache. PR1841999

The split-brain condition might be seen in SRX4600 Series Firewall configured in chassis cluster under certain conditions. PR1843413

SRX1500 might not show jnxOperatingTemp and jnxFruTemp temperature reading for PSU temperature. PR1845407

Packet Forwarding Engine might stop when source identity is enabled. PR1845506

Core file might be generated for some processes while using license feature. PR1848160

Local or peer device interface reflects down after SRX380 reboot. PR1848557

40 G interfaces on Junos SRX5000 line of devices cluster will go down after cluster failover. PR1809220

The srxpfe process might stop during heavy traffic processing by IDP. PR1825279

Memory leak might be observed when IDP is configured. PR1826377

Display issue is observed when range option is used to configure destination and source port range in custom application. PR1810991

Reload or refresh the J-Web page showing the Empty reply from server error. PR1832731

J-Web application cannot be removed from application-set. PR1834748

Junos OS image upload through J-Web might fail. PR1837925

Unable to load J-Web after upgrading when time zone is set to GMT+x or GMT-x. PR1851362

In MNHA, node configuration on primary might differ from backup due to configuration synchronization failure at the time of commit. PR1819656

Multiple Products: RADIUS protocol susceptible to forgery attacks (Blast-RADIUS) (CVE-2024-3596). PR1802329

Traffic might be dropped when AppID DB is not installed. PR1821890

FQDN based security policies will not work as expected when DNS server responds with a non-positive error code or refuse responses. PR1844191

The mgd process might stop during large amount of configurations. PR1847877

The commit fails error can be seen when configuration is modified after commit prepare. PR1799215

The system scripts refresh might fail when using load CLI option. PR1821845

High CPU on SPU might lead to FPC reboot and VPN traffic impact by not failing over to the backup node. PR1794895

Traffic loss for VPN going down due to inconsistency between the VPN configuration in the iked and the SRG database. PR1804965

MNHA: Stale IPsec tunnel in backup node. PR1805690

IS-IS packets over 1500 bytes sent to L2 VPN over MPLS are not being processed. PR1807853

Memory leak in ikemd process when deleting VPN tunnel. PR1815800

IPsec VPN traffic disruption after a change of authentication protocol is seen on platforms running kmd process. PR1817228

The srxpfe process might stop due to memory buffer corruption if the outgoing interface of the IPsec VPN peer goes down and the default route points to st0. PR1818197

The show security ipsec tunnel-events-statistics displays wrong message. PR1820654

On rare circumstances, the kmd or iked process might stop on using the third-party library API. PR1833072

SRX Series Firewall might becomes unresponsive when SNMP requests are sent through the fxp0 interface immediately after a reboot. PR1834204

The kmd process might stop on random number generation by the third-party library API. PR1841364