CVE-2022-22204 – Junos OS: MX Series and SRX Series: When receiving a specific SIP packets stale call table entries are created which eventually leads to a DoS for all SIP traffic
https://notcve.org/view.php?id=CVE-2022-22204
An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Juniper Networks Junos OS allows unauthenticated network-based attacker to cause a partial Denial of Service (DoS). On all MX and SRX platforms, if the SIP ALG is enabled, receipt of a specific SIP packet will create a stale SIP entry. Sustained receipt of such packets will cause the SIP call table to eventually fill up and cause a DoS for all SIP traffic. The SIP call usage can be monitored by "show security alg sip calls". To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. • https://kb.juniper.net/JSA69708 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2022-22198 – Junos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format
https://notcve.org/view.php?id=CVE-2022-22198
An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1. • https://kb.juniper.net/JSA69513 • CWE-824: Access of Uninitialized Pointer •
CVE-2022-22178 – Junos OS: MX and SRX series: Flowd core observed if the SIP ALG is enabled and a specific Session Initiation Protocol (SIP) packet is received
https://notcve.org/view.php?id=CVE-2022-22178
A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can be triggered by a specific Session Initiation Protocol (SIP) invite packet if the SIP ALG is enabled. Due to this, the PIC will be rebooted and all traffic that traverses the PIC will be dropped. This issue affects: Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R2. • https://kb.juniper.net/JSA11284 • CWE-121: Stack-based Buffer Overflow •
CVE-2022-22175 – Junos OS: MX Series and SRX Series: The flowd daemon will crash if the SIP ALG is enabled and specific SIP messages are processed
https://notcve.org/view.php?id=CVE-2022-22175
An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can occur in a scenario where the SIP ALG is enabled and specific SIP messages are being processed simultaneously. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R1-S2, 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1. • https://kb.juniper.net/JSA11281 • CWE-667: Improper Locking •
CVE-2022-22168 – Junos OS: vMX and MX150: Specific packets might cause a memory leak and eventually an FPC reboot
https://notcve.org/view.php?id=CVE-2022-22168
An Improper Validation of Specified Type of Input vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to trigger a Missing Release of Memory after Effective Lifetime vulnerability. Continued exploitation of this vulnerability will eventually lead to an FPC reboot and thereby a Denial of Service (DoS). This issue affects: Juniper Networks Junos OS on vMX and MX150: All versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2. Una vulnerabilidad de Comprobación Inapropiada del Tipo de Entrada especificado en el kernel del Sistema Operativo Junos de Juniper Networks permite a un atacante adyacente no autenticado desencadenar una vulnerabilidad de Falta de Liberación de Memoria Después del Tiempo de Vida Efectivo. Una explotación continuada de esta vulnerabilidad conllevará finalmente a un reinicio del FPC y, por tanto, una denegación de servicio (DoS). • https://kb.juniper.net/JSA11275 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-1287: Improper Validation of Specified Type of Input •