A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can be triggered by a specific Session Initiation Protocol (SIP) invite packet if the SIP ALG is enabled. Due to this, the PIC will be rebooted and all traffic that traverses the PIC will be dropped. This issue affects: Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://kb.juniper.net/JSA11284 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: juniper
Published: 2022-01-19T00:21:28.309624Z
Updated: 2024-09-17T01:05:59.860Z
Reserved: 2021-12-21T00:00:00
Link: CVE-2022-22178
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-01-19T01:15:09.577
Modified: 2022-01-26T19:29:51.343
Link: CVE-2022-22178
Redhat
No data.