CVE-2022-22175

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 20.4R3-S1 Junos OS versions prior to 21.1R2-S2, 21.1R3 Junos OS versions prior to 21.2R1-S2, 21.2R2 Junos OS versions prior to 21.3R1-S1, 21.3R2

Description An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a flowprocessing daemon crash and thereby a Denial of Service. This issue occurs when the SIP ALG is enabled and specific SIP messages are being processed simultaneously. Continued receipt of these specific packets will cause a sustained Denial of Service condition.

Recommendations For Junos OS versions prior to 20.4R3-S1, update to 20.4R3-S1 or later. For Junos OS versions prior to 21.1R2-S2, 21.1R3, update to 21.1R2-S2, 21.1R3 or later. For Junos OS versions prior to 21.2R1-S2, 21.2R2, update to 21.2R1-S2, 21.2R2 or later. For Junos OS versions prior to 21.3R1-S1, 21.3R2, update to 21.3R1-S1, 21.3R2 or later.