CVE-2022-22185
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and processing of this specific packet will create a sustained DoS condition. This issue only affects SRX Series when 'preserve-incoming-fragment-size' feature is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS prior to 17.3R1.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | unspecified < 18.3R3-S6 | affected |
| Juniper Networks | Junos OS | unspecified < 17.3R1 | unaffected |
| Juniper Networks | Junos OS | 17.3R1 < 17.3* | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R3-S10 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R3-S7 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R3-S4 | affected |
| Juniper Networks | Junos OS | 19.3 < 19.3R3-S4 | affected |
| Juniper Networks | Junos OS | 19.4 < 19.4R3-S6 | affected |
| Juniper Networks | Junos OS | 20.1 < 20.1R3-S2 | affected |
| Juniper Networks | Junos OS | 20.2 < 20.2R3-S3 | affected |
| Juniper Networks | Junos OS | 20.3 < 20.3R3-S1 | affected |
| Juniper Networks | Junos OS | 20.4 < 20.4R3 | affected |
| Juniper Networks | Junos OS | 21.1 < 21.1R2-S1, 21.1R3 | affected |
| Juniper Networks | Junos OS | 21.2 < 21.2R2 | affected |
Weaknesses
- CWE-754: CWE-754 Improper Check for Unusual or Exceptional Conditions
Workarounds
An administrator can disable the feature preserve-incoming-fragment-size to avoid this issue:
user@host# delete security flow preserve-incoming-fragment-size user@host# commit
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.