CVE-2022-22194: Junos OS Evolved: PTX series: An attacker sending a crafted GRE packet will cause the PFE to restart
First published: Thu Apr 14 2022(Updated: )
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Junos Os Evolved | <20.4 | |
| Juniper Junos Os Evolved | =20.4-r1 | |
| Juniper Junos Os Evolved | =20.4-r1-s1 | |
| Juniper Junos Os Evolved | =20.4-r1-s2 | |
| Juniper Junos Os Evolved | =20.4-r2 | |
| Juniper Junos Os Evolved | =20.4-r2-s1 | |
| Juniper Junos Os Evolved | =20.4-r2-s2 | |
| Juniper Ptx10003 | ||
| Juniper Ptx10004 | ||
| Juniper Ptx10008 |
Remedy
The following software releases have been updated to resolve this specific issue: 20.4R2-S3-EVO, 20.4R3-EVO.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22194?
CVE-2022-22194 is an Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008.
How does CVE-2022-22194 affect Juniper Junos OS Evolved?
CVE-2022-22194 affects Juniper Junos OS Evolved versions up to and including 20.4.
What is the severity of CVE-2022-22194?
The severity of CVE-2022-22194 is high with a CVSS score of 7.5.
How can an attacker exploit CVE-2022-22194?
An unauthenticated, network-based attacker can exploit CVE-2022-22194 by sending crafted packets to the packetIO daemon, causing a Denial of Service (DoS) if the system continues to receive these packets.
Is there a fix available for CVE-2022-22194?
Yes, Juniper Networks has released a security advisory and patches to address the CVE-2022-22194 vulnerability. Please refer to the Juniper KB article at the following link for more information: https://kb.juniper.net/JSA69505
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/juniper
- canonical/juniper junos os evolved
- version/juniper junos os evolved/20.4-r1
- version/juniper junos os evolved/20.4-r1-s1
- version/juniper junos os evolved/20.4-r1-s2
- version/juniper junos os evolved/20.4-r2
- version/juniper junos os evolved/20.4-r2-s1
- version/juniper junos os evolved/20.4-r2-s2
- canonical/juniper ptx10003
- canonical/juniper ptx10004
- canonical/juniper ptx10008