An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2022-27300 | An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2. |
Fixes
Solution
The following software releases have been updated to resolve this specific issue: 18.2R3, 18.3R3, 18.4R2-S9, 18.4R3, 19.1R2, 19.2R1-S1, 19.2R2, 19.3R1, and all subsequent releases.
Workaround
There are no viable workarounds for this issue.
References
Link | Providers |
---|---|
https://kb.juniper.net/JSA11261 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: juniper
Published:
Updated: 2024-09-17T01:50:42.071Z
Reserved: 2021-12-21T00:00:00
Link: CVE-2022-22153

No data.

Status : Modified
Published: 2022-01-19T01:15:08.197
Modified: 2024-11-21T06:46:15.933
Link: CVE-2022-22153

No data.

No data.