CVE-2022-22179

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions 17.4R1 through 18.4R3-S10 Juniper Networks Junos OS versions 19.1 through 19.1R3-S7 Juniper Networks Junos OS versions 19.2 through 19.2R1-S8 Juniper Networks Junos OS versions 19.2 through 19.2R3-S4 Juniper Networks Junos OS versions 19.3 through 19.3R3-S4 Juniper Networks Junos OS versions 19.4 through 19.4R3-S6 Juniper Networks Junos OS versions 20.1 through 20.1R3-S2 Juniper Networks Junos OS versions 20.2 through 20.2R3-S3 Juniper Networks Junos OS versions 20.3 through 20.3R3-S2 Juniper Networks Junos OS versions 20.4 through 20.4R3-S1 Juniper Networks Junos OS versions 21.1 through 21.1R2-S2 Juniper Networks Junos OS versions 21.1 through 21.1R3 Juniper Networks Junos OS versions 21.2 through 21.2R1-S2 Juniper Networks Junos OS versions 21.2 through 21.2R2 Juniper Networks Junos OS versions 21.2 through 21.2R3 Juniper Networks Junos OS versions 21.3 through 21.3R1-S1 Juniper Networks Junos OS versions 21.3 through 21.3R2

Description An Improper Validation of Specified Index, Position, or Offset in Input issue in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). This can occur when a DHCPv4 packet with specific options is received, leading to a corruption of the options read from the packet, which can then cause jdhcpd to crash and restart.

Recommendations Update to a version later than 18.4R3-S10 for Juniper Networks Junos OS 17.4R1 and later versions. Update to a version later than 19.1R3-S7 for 19.1 versions. Update to a version later than 19.2R1-S8 or 19.2R3-S4 for 19.2 versions. Update to a version later than 19.3R3-S4 for 19.3 versions. Update to a version later than 19.4R3-S6 for 19.4 versions. Update to a version later than 20.1R3-S2 for 20.1 versions. Update to a version later than 20.2R3-S3 for 20.2 versions. Update to a version later than 20.3R3-S2 for 20.3 versions. Update to a version later than 20.4R3-S1 for 20.4 versions. Update to a version later than 21.1R2-S2 or 21.1R3 for 21.1 versions. Update to a version later than 21.2R1-S2, 21.2R2, or 21.2R3 for 21.2 versions. Update to a version later than 21.3R1-S1 or 21.3R2 for 21.3 versions.