CVE-2022-22195: Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash
First published: Wed Apr 13 2022(Updated: )
An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | <20.4 | |
| Juniper JUNOS | =20.4-r1 | |
| Juniper JUNOS | =20.4-r1-s1 | |
| Juniper JUNOS | =20.4-r1-s2 | |
| Juniper JUNOS | =20.4-r2 | |
| Juniper JUNOS | =20.4-r2-s1 | |
| Juniper JUNOS | =20.4-r2-s2 | |
| Juniper JUNOS | =20.4-r2-s3 | |
| Juniper JUNOS | =20.4-r3 | |
| Juniper JUNOS | =21.1-r1 | |
| Juniper JUNOS | =21.1-r1-s1 | |
| Juniper JUNOS | =21.1-r2 | |
| Juniper JUNOS | =21.2-r1 | |
| Juniper JUNOS | =21.2-r1-s1 | |
| Juniper JUNOS | =21.2-r2 | |
| Juniper JUNOS | =21.3-r1 | |
| Juniper JUNOS | =21.3-r1-s1 |
Remedy
The following software releases have been updated to resolve this specific issue: 20.4R3-S1-EVO, 21.1R3-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-22195?
CVE-2022-22195 has been classified as a high severity vulnerability due to the potential for Denial of Service (DoS) caused by a reference count overflow.
How do I fix CVE-2022-22195?
To fix CVE-2022-22195, upgrade your Juniper Networks Junos OS Evolved to the latest version beyond the affected versions listed.
What versions of Junos OS Evolved are affected by CVE-2022-22195?
CVE-2022-22195 affects multiple versions of Juniper Networks Junos OS Evolved, specifically those up to version 20.4 and several 21.x versions.
Can CVE-2022-22195 be exploited remotely?
Yes, CVE-2022-22195 can be exploited by unauthenticated, network-based attackers, making it particularly concerning.
What impact does CVE-2022-22195 have on system availability?
Exploitation of CVE-2022-22195 can lead to a Denial of Service (DoS), causing system unavailability.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/20.4-r1
- version/juniper junos/20.4-r1-s1
- version/juniper junos/20.4-r1-s2
- version/juniper junos/20.4-r2
- version/juniper junos/20.4-r2-s1
- version/juniper junos/20.4-r2-s2
- version/juniper junos/20.4-r2-s3
- version/juniper junos/20.4-r3
- version/juniper junos/21.1-r1
- version/juniper junos/21.1-r1-s1
- version/juniper junos/21.1-r2
- version/juniper junos/21.2-r1
- version/juniper junos/21.2-r1-s1
- version/juniper junos/21.2-r2
- version/juniper junos/21.3-r1
- version/juniper junos/21.3-r1-s1