CWE
476
Advisory Published
Updated

CVE-2022-22210: Junos OS: QFX5000 Series and MX Series: An l2alm crash leading to an FPC crash can be observed in VxLAN scenario

First published: Wed Jul 13 2022(Updated: )

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). On QFX5K Series and MX Series, when the PFE receives a specific VxLAN packet the Layer 2 Address Learning Manager (L2ALM) process will crash leading to an FPC reboot. Continued receipt of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on QFX5000 Series, MX Series: 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.2 versions prior to 21.2R2-S1. This issue does not affect Juniper Networks Junos OS: All versions prior to 20.3R1; 21.1 version 21.1R1 and later versions.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Juniper JUNOS=20.3
Juniper JUNOS=20.3-r1
Juniper JUNOS=20.3-r1-s1
Juniper JUNOS=20.3-r1-s2
Juniper JUNOS=20.3-r2
Juniper JUNOS=20.3-r2-s1
Juniper JUNOS=20.3-r3
Juniper JUNOS=20.3-r3-s1
Juniper JUNOS=20.3-r3-s2
Juniper JUNOS=20.4
Juniper JUNOS=20.4-r1
Juniper JUNOS=20.4-r1-s1
Juniper JUNOS=20.4-r2
Juniper JUNOS=20.4-r2-s1
Juniper JUNOS=20.4-r2-s2
Juniper JUNOS=20.4-r3
Juniper JUNOS=20.4-r3-s1
Juniper JUNOS=21.2
Juniper JUNOS=21.2-r1
Juniper JUNOS=21.2-r1-s1
Juniper JUNOS=21.2-r1-s2
Juniper JUNOS=21.2-r2
Juniper Mx10
Juniper Mx10000
Juniper Mx10003
Juniper Mx10008
Juniper Mx10016
Juniper Mx104
Juniper Mx150
Juniper Mx2008
Juniper Mx2010
Juniper Mx2020
Juniper Mx204
Juniper Mx240
Juniper Mx40
Juniper Mx480
Juniper Mx5
Juniper Mx80
Juniper Mx960
Juniper Qfx5100
Juniper Qfx5100-96s
Juniper Qfx5110
Juniper Qfx5120
Juniper Qfx5130
Juniper Qfx5200
Juniper Qfx5200-32c
Juniper Qfx5200-48y
Juniper Qfx5210
Juniper Qfx5210-64c
Juniper Qfx5220
Juniper Qfx5700

Remedy

The following software releases have been updated to resolve this specific issue: 20.3R3-S3, 20.4R3-S2, 21.2R2-S1, and all subsequent releases.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the vulnerability ID of this security issue?

    The vulnerability ID is CVE-2022-22210.

  • What is the severity level of CVE-2022-22210?

    The severity level of CVE-2022-22210 is medium (CVSS score of 6.5).

  • Which Juniper Networks products are affected by CVE-2022-22210?

    Juniper Networks QFX5000 Series and MX Series with Junos OS versions 20.3 to 20.4 are affected.

  • What is the impact of CVE-2022-22210?

    An unauthenticated adjacent attacker can cause a Denial of Service (DoS) by exploiting the vulnerability.

  • How can I fix CVE-2022-22210?

    Apply the necessary updates or patches provided by Juniper Networks to mitigate the vulnerability.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203