A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can be triggered by a specific Session Initiation Protocol (SIP) invite packet if the SIP ALG is enabled. Due to this, the PIC will be rebooted and all traffic that traverses the PIC will be dropped. This issue affects: Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2022-01-19T00:21:28.309624Z

Updated: 2024-09-17T01:05:59.860Z

Reserved: 2021-12-21T00:00:00

Link: CVE-2022-22178

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-01-19T01:15:09.577

Modified: 2022-01-26T19:29:51.343

Link: CVE-2022-22178

cve-icon Redhat

No data.