CVE-2022-22226

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series versions 17.1R1 through 17.3R3-S11 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series versions 17.4R1 through 17.4R2-S12 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series versions 17.4R3 through 17.4R3-S4 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 18.1R1 through 18.1R3-S12 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 18.2R1 through 18.2R3-S7 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 18.3R1 through 18.3R3-S4 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series versions 18.4R1 through 18.4R1-S7 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series versions 18.4R2 through 18.4R2-S5 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 18.4R3 through 18.4R3-S5 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.1R1 through 19.1R3-S3 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.2R1 through 19.2R1-S6 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.2R2 through 19.2R3 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.3R1 through 19.3R2-S5 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.3R3 through 19.3R3 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.4R1 through 19.4R1-S3 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.4R2 through 19.4R2-S3 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 19.4R3 through 19.4R3 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 20.1R1 through 20.1R2 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 20.2R1 through 20.2R2-S2 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 20.2R3 through 20.2R3 Juniper Networks Junos OS on EX4300-MP, EX4600, QFX5000 Series version 20.3R1 through 20.3R2

Description The issue is related to an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS. This vulnerability allows an unauthenticated, adjacently located attacker to cause a Denial of Service (DoS) condition by crashing one or more PFEs when specific packets are received and processed by the device. The continued processing of these packets after the automatic restart of the PFE will cause the memory leak to reappear, potentially leading to a sustained Denial of Service condition, depending on the volume of packets received.

Recommendations For versions 17.1R1 through 17.3R3-S11, update to version 17.3R3-S12 or later. For versions 17.4R1 through 17.4R2-S12, update to version 17.4R2-S13 or later. For versions 17.4R3 through 17.4R3-S4, update to version 17.4R3-S5 or later. For version 18.1R1 through 18.1R3-S12, update to version 18.1R3-S13 or later. For version 18.2R1 through 18.2R3-S7, update to version 18.2R3-S8 or later. For version 18.3R1 through 18.3R3-S4, update to version 18.3R3-S5 or later. For versions 18.4R1 through 18.4R1-S7, update to version 18.4R1-S8 or later. For versions 18.4R2 through 18.4R2-S5, update to version 18.4R2-S6 or later. For version 18.4R3 through 18.4R3-S5, update to a later version. For version 19.1R1 through 19.1R3-S3, update to version 19.1R3-S4 or later. For version 19.2R1 through 19.2R1-S6, update to version 19.2R1-S7 or later. For version 19.2R2 through 19.2R3, update to version 19.2R3-S1 or later. For version 19.3R1 through 19.3R2-S5, update to version 19.3R2-S6 or later. For version 19.3R3 through 19.3R3, update to a later version. For version 19.4R1 through 19.4R1-S3, update to version 19.4R1-S4 or later. For version 19.4R2 through 19.4R2-S3, update to version 19.4R2-S4 or later. For version 19.4R3 through 19.4R3, update to a later version. For version 20.1R1 through 20.1R2, update to a later version. For version 20.2R1 through 20.2R2-S2, update to version 20.2R2-S3 or later. For version 20.2R3 through 20.2R3, update to a later version. For version 20.3R1 through 20.3R2, update to a later version.