First published: Wed Jul 13 2022(Updated: )
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). On QFX5K Series and MX Series, when the PFE receives a specific VxLAN packet the Layer 2 Address Learning Manager (L2ALM) process will crash leading to an FPC reboot. Continued receipt of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on QFX5000 Series, MX Series: 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.2 versions prior to 21.2R2-S1. This issue does not affect Juniper Networks Junos OS: All versions prior to 20.3R1; 21.1 version 21.1R1 and later versions.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Juniper JUNOS | =20.3 | |
Juniper JUNOS | =20.3-r1 | |
Juniper JUNOS | =20.3-r1-s1 | |
Juniper JUNOS | =20.3-r1-s2 | |
Juniper JUNOS | =20.3-r2 | |
Juniper JUNOS | =20.3-r2-s1 | |
Juniper JUNOS | =20.3-r3 | |
Juniper JUNOS | =20.3-r3-s1 | |
Juniper JUNOS | =20.3-r3-s2 | |
Juniper JUNOS | =20.4 | |
Juniper JUNOS | =20.4-r1 | |
Juniper JUNOS | =20.4-r1-s1 | |
Juniper JUNOS | =20.4-r2 | |
Juniper JUNOS | =20.4-r2-s1 | |
Juniper JUNOS | =20.4-r2-s2 | |
Juniper JUNOS | =20.4-r3 | |
Juniper JUNOS | =20.4-r3-s1 | |
Juniper JUNOS | =21.2 | |
Juniper JUNOS | =21.2-r1 | |
Juniper JUNOS | =21.2-r1-s1 | |
Juniper JUNOS | =21.2-r1-s2 | |
Juniper JUNOS | =21.2-r2 | |
Juniper Mx10 | ||
Juniper Mx10000 | ||
Juniper Mx10003 | ||
Juniper Mx10008 | ||
Juniper Mx10016 | ||
Juniper Mx104 | ||
Juniper Mx150 | ||
Juniper Mx2008 | ||
Juniper Mx2010 | ||
Juniper Mx2020 | ||
Juniper Mx204 | ||
Juniper Mx240 | ||
Juniper Mx40 | ||
Juniper Mx480 | ||
Juniper Mx5 | ||
Juniper Mx80 | ||
Juniper Mx960 | ||
Juniper Qfx5100 | ||
Juniper Qfx5100-96s | ||
Juniper Qfx5110 | ||
Juniper Qfx5120 | ||
Juniper Qfx5130 | ||
Juniper Qfx5200 | ||
Juniper Qfx5200-32c | ||
Juniper Qfx5200-48y | ||
Juniper Qfx5210 | ||
Juniper Qfx5210-64c | ||
Juniper Qfx5220 | ||
Juniper Qfx5700 |
The following software releases have been updated to resolve this specific issue: 20.3R3-S3, 20.4R3-S2, 21.2R2-S1, and all subsequent releases.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-22210.
The severity level of CVE-2022-22210 is medium (CVSS score of 6.5).
Juniper Networks QFX5000 Series and MX Series with Junos OS versions 20.3 to 20.4 are affected.
An unauthenticated adjacent attacker can cause a Denial of Service (DoS) by exploiting the vulnerability.
Apply the necessary updates or patches provided by Juniper Networks to mitigate the vulnerability.