CVE-2022-22153

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 18.2R3 Junos OS 18.3 versions prior to 18.3R3 Junos OS 18.4 versions prior to 18.4R2-S9, 18.4R3 Junos OS 19.1 versions prior to 19.1R2 Junos OS 19.2 versions prior to 19.2R1-S1, 19.2R2

Description The issue is related to an Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon of Juniper Networks Junos OS on SRX Series and MX Series with SPC3. This allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage of fragmented packets that need to be reassembled, high latency or packet drops might be observed.

Recommendations For Junos OS versions prior to 18.2R3, update to version 18.2R3 or later. For Junos OS 18.3 versions prior to 18.3R3, update to version 18.3R3 or later. For Junos OS 18.4 versions prior to 18.4R2-S9, 18.4R3, update to version 18.4R2-S9, 18.4R3 or later. For Junos OS 19.1 versions prior to 19.1R2, update to version 19.1R2 or later. For Junos OS 19.2 versions prior to 19.2R1-S1, 19.2R2, update to version 19.2R1-S1, 19.2R2 or later.