CVE-2022-22236 – Junos OS: SRX Series and MX Series: When specific valid SIP packets are received the PFE will crash
https://notcve.org/view.php?id=CVE-2022-22236
An Access of Uninitialized Pointer vulnerability in SIP Application Layer Gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When specific valid SIP packets are received the PFE will crash and restart. This issue affects Juniper Networks Junos OS on SRX Series and MX Series: 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R2-S2, 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; 22.1 versions prior to 22.1R1-S1, 22.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1. Una vulnerabilidad de acceso de puntero no inicializado en SIP Application Layer Gateway (ALG) de Juniper Networks Junos OS en las series SRX y MX permite a un atacante no autenticado y basado en la red causar una Denegación de Servicio (DoS). • https://kb.juniper.net/JSA69892 • CWE-824: Access of Uninitialized Pointer •
CVE-2022-22210 – Junos OS: QFX5000 Series and MX Series: An l2alm crash leading to an FPC crash can be observed in VxLAN scenario
https://notcve.org/view.php?id=CVE-2022-22210
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). On QFX5K Series and MX Series, when the PFE receives a specific VxLAN packet the Layer 2 Address Learning Manager (L2ALM) process will crash leading to an FPC reboot. Continued receipt of this specific packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on QFX5000 Series, MX Series: 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.2 versions prior to 21.2R2-S1. This issue does not affect Juniper Networks Junos OS: All versions prior to 20.3R1; 21.1 version 21.1R1 and later versions. • https://kb.juniper.net/JSA69714 • CWE-476: NULL Pointer Dereference •
CVE-2022-22207 – Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash
https://notcve.org/view.php?id=CVE-2022-22207
A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2. Una vulnerabilidad de Uso de Memoria Previamente Liberada en el proceso de administración de Advanced Forwarding Toolkit (AFT) (aftmand) de Juniper Networks Junos OS permite a un atacante no autenticado en red causar un bloqueo del kernel debido al sondeo intensivo de las estadísticas de la interfaz de Abstracted Fabric (AF) y, por tanto, una Denegación de Servicio (DoS). La recopilación continuada de estadísticas de la interfaz AF creará una condición de Denegación de Servicio (DoS) sostenida. • https://kb.juniper.net/JSA69711 • CWE-416: Use After Free •
CVE-2022-22204 – Junos OS: MX Series and SRX Series: When receiving a specific SIP packets stale call table entries are created which eventually leads to a DoS for all SIP traffic
https://notcve.org/view.php?id=CVE-2022-22204
An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Juniper Networks Junos OS allows unauthenticated network-based attacker to cause a partial Denial of Service (DoS). On all MX and SRX platforms, if the SIP ALG is enabled, receipt of a specific SIP packet will create a stale SIP entry. Sustained receipt of such packets will cause the SIP call table to eventually fill up and cause a DoS for all SIP traffic. The SIP call usage can be monitored by "show security alg sip calls". To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. • https://kb.juniper.net/JSA69708 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2022-22198 – Junos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format
https://notcve.org/view.php?id=CVE-2022-22198
An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1. • https://kb.juniper.net/JSA69513 • CWE-824: Access of Uninitialized Pointer •