Denial of service in Junos OS FPC
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-22170 CVE-2022-22171 |
| CWE-ID | CWE-401 CWE-754 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Juniper Junos OS Operating systems & Components / Operating system |
| Vendor | Juniper Networks, Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Memory leak
EUVDB-ID: #VU59565
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22170
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in the Packet Forwarding Engine (PFE). A remote attacker can send specific packets over VXLAN and perform denial of service attack by resetting FPC.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 19.4 - 21.3R1-S2
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11277&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Check for Unusual or Exceptional Conditions
EUVDB-ID: #VU59566
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22171
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to preform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling in the Packet Forwarding Engine (PFE). A remote attacker can send specially crafted packets over VXLAN and perform a denial of service (DoS) attack by resetting FPC.
Install updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 19.4 - 21.3R1-S2
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA11277&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
