CVE-2022-22250

An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to cause a Denial of Service (DoS). In an EVPN-MPLS scenario, if MAC is learned locally on an access interface but later a request to delete is received indicating that the MAC was learnt remotely, this can lead to memory corruption which can result in line card crash and reload. This issue affects: Juniper Networks Junos OS All versions 17.3R1 and later versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S8; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.1-EVO version 21.1R1-EVO and later versions; 21.2-EVO versions prior to 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO; 21.4-EVO versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R1.

An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to cause a Denial of Service (DoS). In an EVPN-MPLS scenario, if MAC is learned locally on an access interface but later a request to delete is received indicating that the MAC was learnt remotely, this can lead to memory corruption which can result in line card crash and reload. This issue affects: Juniper Networks Junos OS All versions 17.3R1 and later versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S8; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.1-EVO version 21.1R1-EVO and later versions; 21.2-EVO versions prior to 21.2R3-EVO; 21.3-EVO versions prior to 21.3R2-EVO; 21.4-EVO versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R1.

Una vulnerabilidad de Control Inapropiado de un Recurso Mediante su Vida Útil en Packet Forwarding Engine (PFE) de Juniper Networks Junos OS y Junos OS Evolved permite a un atacante adyacente no autenticado causar una Denegación de Servicio (DoS). En un escenario EVPN-MPLS, si la MAC es aprendida localmente en una interfaz de acceso pero más tarde es recibida una petición de borrado indicando que la MAC fue aprendida de forma remota, esto puede conllevar a una corrupción de la memoria que puede resultar en un bloqueo de la tarjeta de línea y su recarga. Este problema afecta a: Juniper Networks Junos OS Todas las versiones 17.3R1 y posteriores anteriores a 19.2R3-S5; 19.3 versiones anteriores a 19.3R3-S5; 19.4 versiones anteriores a 19.4R2-S6, 19.4R3-S8; 20.1 versión 20.1R1 y posteriores; 20.2 versiones anteriores a 20. 2R3-S4; 20.3 versiones anteriores a 20.3R3-S3; 20.4 versiones anteriores a 20.4R3-S3; 21.1 versiones anteriores a 21.1R3-S1; 21.2 versiones anteriores a 21.2R3; 21.3 versiones anteriores a 21.3R2; 21.4 versiones anteriores a 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved Todas las versiones anteriores a 20.4R3-S3-EVO; 21.1-EVO versión 21.1R1-EVO y versiones posteriores; 21.2-EVO versiones anteriores a 21.2R3-EVO; 21.3-EVO versiones anteriores a 21.3R2-EVO; 21.4-EVO versiones anteriores a 21.4R1-S1-EVO, 21.4R2-EVO. Este problema no afecta a Juniper Networks Junos OS versiones anteriores a 17.3R1