VYPR
Unrated severityNVD Advisory· Published Jan 12, 2023· Updated Apr 8, 2025

Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received

CVE-2023-22416

Description

A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R1-S1, 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1 on SRX Series.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    20.4 < 20.4R3-S5, 21.1 < 21.1R3-S4, 21.2 < 21.2R3-S2, 21.3 < 21.3R3-S1, 21.4 < 21.4R3, 22.1 < 22.1R1-S2,22.1R2, 22.2 < 22.2R1-S1,22.2R2+ 1 more
    • (no CPE)range: 20.4 < 20.4R3-S5, 21.1 < 21.1R3-S4, 21.2 < 21.2R3-S2, 21.3 < 21.3R3-S1, 21.4 < 21.4R3, 22.1 < 22.1R1-S2,22.1R2, 22.2 < 22.2R1-S1,22.2R2
    • (no CPE)range: 20.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.