An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). A PFE crash will happen when a GPRS Tunnel Protocol (GTP) packet is received with a malformed field in the IP header of GTP encapsulated General Packet Radio Services (GPRS) traffic. The packet needs to match existing state which is outside the attackers control, so the issue cannot be directly exploited. The issue will only be observed when endpoint address validation is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; 22.1 versions prior to 22.1R1-S1, 22.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2022-10-18T02:46:37.181379Z

Updated: 2024-09-16T22:21:08.750Z

Reserved: 2021-12-21T00:00:00

Link: CVE-2022-22235

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-10-18T03:15:10.537

Modified: 2022-10-21T19:01:08.627

Link: CVE-2022-22235

cve-icon Redhat

No data.