CVE-2022-22233: Junos OS and Junos OS Evolved: In an SR to LDP interworking scenario, with SRMS, when a specific low privileged command is issued on an ABR rpd will crash
First published: Tue Oct 18 2022(Updated: )
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In Segment Routing (SR) to Label Distribution Protocol (LDP) interworking scenario, configured with Segment Routing Mapping Server (SRMS) at any node, when an Area Border Router (ABR) leaks the SRMS entries having "S" flag set from IS-IS Level 2 to Level 1, an rpd core might be observed when a specific low privileged CLI command is issued. This issue affects: Juniper Networks Junos OS 21.4 versions prior to 21.4R1-S2, 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R2. Juniper Networks Junos OS Evolved 21.4-EVO versions prior to 21.4R1-S2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO; 22.1-EVO versions prior to 22.1R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.4R1. Juniper Networks Junos OS Evolved versions prior to 21.4R1-EVO.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =21.4 | |
| Juniper JUNOS | =21.4-r1 | |
| Juniper JUNOS | =21.4-r1-s1 | |
| Juniper JUNOS | =21.4-r2 | |
| Juniper JUNOS | =22.1-r1 | |
| Juniper JUNOS | =22.1-r1-s1 | |
| Juniper Junos Os Evolved | =21.4 | |
| Juniper Junos Os Evolved | =21.4-r1 | |
| Juniper Junos Os Evolved | =21.4-r1-s1 | |
| Juniper Junos Os Evolved | =21.4-r2 | |
| Juniper Junos Os Evolved | =22.1-r1 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS: 21.4R1-S2, 21.4R2-S1, 21.4R3, 22.1R2, 22.2R1 and all subsequent releases. Junos OS Evolved: 21.4R1-S2-EVO, 21.4R2-S1-EVO, 21.4R3-EVO, 22.1R2-EVO, 22.2R1-EVO and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-22233.
What is the severity of CVE-2022-22233?
The severity of CVE-2022-22233 is medium with a CVSS score of 5.5.
Which software versions are affected by CVE-2022-22233?
The software versions affected by CVE-2022-22233 are Juniper Networks Junos OS 21.4, 21.4-r1, 21.4-r1-s1, 21.4-r2, 22.1-r1, 22.1-r1-s1, and Juniper Networks Junos OS Evolved 21.4, 21.4-r1, 21.4-r1-s1, 21.4-r2, 22.1-r1.
What is the impact of CVE-2022-22233?
CVE-2022-22233 allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS) by exploiting an Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved.
Is there a fix or patch available for CVE-2022-22233?
Yes, Juniper Networks has provided a fix for the vulnerability. Please refer to the official Juniper Networks knowledge base article for more information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/21.4
- version/juniper junos/21.4-r1
- version/juniper junos/21.4-r1-s1
- version/juniper junos/21.4-r2
- version/juniper junos/22.1-r1
- version/juniper junos/22.1-r1-s1
- canonical/juniper junos os evolved
- version/juniper junos os evolved/21.4
- version/juniper junos os evolved/21.4-r1
- version/juniper junos os evolved/21.4-r1-s1
- version/juniper junos os evolved/21.4-r2
- version/juniper junos os evolved/22.1-r1