CVE-2022-22180Improper Check for Unusual or Exceptional Conditions in Networks Junos OS

CWE-754Improper Check for Unusual or Exceptional Conditions4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 39.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJan 19
Latest updateJan 20

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vulnerability may cause traffic to stop being forwarded, or a crash of the fxpc process. An indication of the issue occurring may be observed through the following log messages: Sep 13 17:14:59 hostname : %PFE-3: fpc0 (buf alloc) failed allocating packet

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os18.418.4R2-S10, 18.4R3-S10+11
NVDjuniper/junos12 versions+11

🔴Vulnerability Details

2
GHSA
GHSA-3jvq-22jp-22pp: An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead2022-01-20
CVEList
Junos OS: EX2300 Series, EX2300-MP Series, EX3400 Series: A slow memory leak due to processing of specific IPv6 packets2022-01-19

📋Vendor Advisories

1
Juniper
CVE-2022-22180: An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead2022-01-19
CVE-2022-22180 — Networks Junos OS vulnerability | cvebase