First published: Wed Jul 20 2022(Updated: )
A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper Junos | =20.1-r1-s1 | |
Juniper Junos | =20.1-r1-s2 | |
Juniper Junos | =20.1-r1-s3 | |
Juniper Junos | =20.1-r1-s4 | |
Juniper Junos | =20.1-r2 | |
Juniper Junos | =20.1-r2-s1 | |
Juniper Junos | =20.1-r2-s2 | |
Juniper Junos | =20.1-r3 | |
Juniper Junos | =20.1-r3-s1 | |
Juniper Junos | =20.1-r3-s2 | |
Juniper Junos | =20.1-r3-s3 | |
Juniper Junos | =20.2 | |
Juniper Junos | =20.2-r1 | |
Juniper Junos | =20.2-r1-s1 | |
Juniper Junos | =20.2-r1-s2 | |
Juniper Junos | =20.2-r1-s3 | |
Juniper Junos | =20.2-r2 | |
Juniper Junos | =20.2-r2-s1 | |
Juniper Junos | =20.2-r2-s2 | |
Juniper Junos | =20.2-r2-s3 | |
Juniper Junos | =20.2-r3 | |
Juniper Junos | =20.2-r3-s1 | |
Juniper Junos | =20.2-r3-s2 | |
Juniper Junos | =20.2-r3-s3 | |
Juniper Junos | =20.2-r3-s4 | |
Juniper Junos | =20.3 | |
Juniper Junos | =20.3-r1 | |
Juniper Junos | =20.3-r1-s1 | |
Juniper Junos | =20.3-r1-s2 | |
Juniper Junos | =20.3-r2 | |
Juniper Junos | =20.3-r2-s1 | |
Juniper Junos | =20.3-r3 | |
Juniper Junos | =20.3-r3-s1 | |
Juniper Junos | =20.3-r3-s2 | |
Juniper Junos | =20.3-r3-s3 | |
Juniper Junos | =20.4 | |
Juniper Junos | =20.4-r1 | |
Juniper Junos | =20.4-r1-s1 | |
Juniper Junos | =20.4-r2 | |
Juniper Junos | =20.4-r2-s1 | |
Juniper Junos | =20.4-r2-s2 | |
Juniper Junos | =21.1 | |
Juniper Junos | =21.1-r1 | |
Juniper Junos | =21.1-r1-s1 | |
Juniper Junos | =21.2 | |
Juniper Junos | =21.2-r1 | |
Juniper Junos | =21.2-r1-s1 | |
Juniper Junos | =21.2-r1-s2 | |
Juniper MX10 | ||
juniper mx10000 | ||
Juniper MX10003 | ||
Juniper MX10008 | ||
Juniper MX10016 | ||
Juniper MX104 | ||
Juniper MX150 | ||
Juniper MX2008 | ||
Juniper MX2010 | ||
Juniper MX2020 | ||
Juniper MX204 | ||
Juniper MX240 | ||
Juniper MX40 | ||
Juniper MX480 | ||
Juniper MX5 | ||
Juniper MX80 | ||
Juniper MX960 |
The following Junos OS software releases have been updated to resolve this specific issue Junos OS: 20.2R3-S5, 20.3R3-S4, 20.4R3, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-22207 is classified as a critical severity vulnerability due to its potential to cause kernel crashes.
To fix CVE-2022-22207, you should update your Junos OS to the latest recommended version that addresses this vulnerability.
CVE-2022-22207 allows unauthenticated networked attackers to conduct denial-of-service attacks by causing kernel crashes.
CVE-2022-22207 affects multiple versions of Junos OS, specifically those within the 20.1 and 20.2 release series.
There are currently no recommended workarounds for CVE-2022-22207; updating the software is the advised course of action.