Junos OS: SRX Series, MX Series with MX-SPC3 or MS-MPC: Receipt of multiple specific SIP messages results in flow management process crash
Description
A Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in the SIP application layer gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC allows an unauthenticated network-based attacker sending specific SIP messages over TCP to crash the flow management process, leading to a Denial of Service (DoS).
On SRX Series, and MX Series with MX-SPC3 or MS-MPC service cards, receipt of multiple SIP messages causes the SIP headers to be parsed incorrectly, eventually causing a continuous loop and leading to a watchdog timer expiration, crashing the flowd process on SRX Series and MX Series with MX-SPC3, or mspmand process on MX Series with MS-MPC.
This issue only occurs over TCP. SIP messages sent over UDP cannot trigger this issue.
This issue affects Junos OS on SRX Series and MX Series with MX-SPC3 and MS-MPC:
- all versions before 21.2R3-S10,
- from 21.4 before 21.4R3-S12,
- from 22.4 before 22.4R3-S8,
- from 23.2 before 23.2R2-S5,
- from 23.4 before 23.4R2-S6,
- from 24.2 before 24.2R2-S3,
- from 24.4 before 24.4R2-S1,
- from 25.2 before 25.2R1-S1, 25.2R2.
Affected products
2- Range: all versions before 21.2R3-S10; from 21.4 before 21.4R3-S12; from 22.4 before 22.4R3-S8; from 23.2 before 23.2R2-S6; from 23.4 before 23.4R2-S6; from 24.2 before 24.2R2-S3; from 24.4 before 24.4R2-S1; from 25.2 before 25.2R1-S1, 25.2R2
- Juniper Networks/Junos OSv5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- kb.juniper.net/JSA106004mitrevendor-advisory
- supportportal.juniper.net/JSA106004mitrevendor-advisory
News mentions
0No linked articles in our index yet.