CVE-2022-22247: Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)
First published: Tue Oct 18 2022(Updated: )
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Junos Os Evolved | =21.3 | |
| Juniper Junos Os Evolved | =21.3-r1 | |
| Juniper Junos Os Evolved | =21.3-r1-s1 | |
| Juniper Junos Os Evolved | =21.3-r2 | |
| Juniper Junos Os Evolved | =21.4 | |
| Juniper Junos Os Evolved | =21.4-r1 | |
| Juniper Junos Os Evolved | =21.4-r1-s1 | |
| Juniper Junos Os Evolved | =22.1-r1 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS Evolved 21.3R3-EVO, 21.4R2-EVO, 22.1R2-EVO, 22.2R1-EVO, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Juniper Networks Junos OS Evolved vulnerability?
The vulnerability ID for this Juniper Networks Junos OS Evolved vulnerability is CVE-2022-22247.
What is the severity of CVE-2022-22247?
The severity of CVE-2022-22247 is high with a severity value of 7.5.
How does CVE-2022-22247 affect Juniper Junos OS Evolved version 21.3?
CVE-2022-22247 affects Juniper Junos OS Evolved version 21.3 and can lead to a Denial of Service (DoS) condition.
How can an attacker exploit CVE-2022-22247?
An unauthenticated attacker can exploit CVE-2022-22247 by sending a crafted TCP segment to the device, triggering a kernel panic.
Is there a fix available for CVE-2022-22247?
Yes, Juniper Networks has released a fix for CVE-2022-22247. Please refer to the Juniper Networks knowledge base article for more information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/title
- agent/last-modified-date
- agent/author
- agent/remedy
- agent/weakness
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- vendor/juniper
- canonical/juniper junos os evolved
- version/juniper junos os evolved/21.3
- version/juniper junos os evolved/21.3-r1
- version/juniper junos os evolved/21.3-r1-s1
- version/juniper junos os evolved/21.3-r2
- version/juniper junos os evolved/21.4
- version/juniper junos os evolved/21.4-r1
- version/juniper junos os evolved/21.4-r1-s1
- version/juniper junos os evolved/22.1-r1