CVE-2022-22192

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 20.4R3-S4-EVO Juniper Networks Junos OS Evolved versions prior to 21.3R3-EVO Juniper Networks Junos OS Evolved versions prior to 21.4R3-EVO Juniper Networks Junos OS Evolved versions prior to 22.1R2-EVO

Description The issue is caused by an improper validation of syntactic correctness of input in the kernel of Juniper Networks Junos OS Evolved on PTX series devices, allowing a network-based, unauthenticated attacker to cause a Denial of Service (DoS). This can occur when an incoming TCP packet destined to the device is malformed, potentially leading to a kernel panic. Only TCP packets destined to the ports for BGP, LDP, and MSDP can trigger this issue. The affected devices are PTX10004, PTX10008, and PTX10016.

Recommendations For versions prior to 20.4R3-S4-EVO, update to 20.4R3-S4-EVO or later. For versions prior to 21.3R3-EVO, update to 21.3R3-EVO or later. For versions prior to 21.4R3-EVO, update to 21.4R3-EVO or later. For versions prior to 22.1R2-EVO, update to 22.1R2-EVO or later. As a temporary workaround, consider restricting access to the BGP, LDP, and MSDP ports to minimize the risk of exploitation.