Unrated severityNVD Advisory· Published Jul 20, 2022· Updated Sep 16, 2024
Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash
CVE-2022-22207
Description
A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2.
Affected products
3- Range: Same as Junos OS versions listed above
20.1 > 20.1R1 through 21.2R2 (affected versions listed per release)+ 1 more
- (no CPE)range: 20.1 > 20.1R1 through 21.2R2 (affected versions listed per release)
- (no CPE)range: 20.1R1
Patches
Vulnerability mechanics
References
1- kb.juniper.net/JSA69711mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.