Juniper Junos OS Packet Forwarding Engine improper preservation of consistency between independent representations of shared state

Summaryinfo

A vulnerability classified as problematic has been found in Juniper Junos OS. Affected is an unknown function of the component Packet Forwarding Engine. The manipulation leads to improper preservation of consistency between independent representations of shared state. This vulnerability is listed as CVE-2022-22234. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as critical, has been found in Juniper Junos OS (Router Operating System) (version now known). This issue affects some unknown processing of the component Packet Forwarding Engine. The manipulation with an unknown input leads to a improper preservation of consistency between independent representations of shared state vulnerability. Using CWE to declare the problem leads to CWE-1250. The product has or supports multiple distributed components or sub-systems that are each required to keep their own local copy of shared data - such as state or cache - but the product does not ensure that all local copies remain consistent with each other. Impacted is availability. The summary by CVE is:

An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). If the device is very busy for example while executing a series of show commands on the CLI one or more SFPs might not be detected anymore. The system then changes its state to "unplugged" which is leading to traffic impact and at least a partial DoS. Once the system is less busy the port states return to their actual value. Indicators of compromise are log messages about unplugged SFPs and corresponding syspld messages without any physical or environmental cause. These can be checked by issuing the following commands: user@device# show log messages | match unplugged %PFE-6: fpc0 sfp-0/1/2 SFP unplugged %PFE-6: fpc0 sfp-0/1/3 SFP unplugged The following log messages will also be seen when this issue happens: fpc0 Error tvp_drv_syspld_read: syspld read failed for address <address> fpc0 Error[-1]:tvp_optics_presence_get - Syspld read failed for port <pic/port> fpc0 optics pres failed(-1) for pic <pic> port <port> fpc0 tvp_drv_syspld_read: i2c access retry count 200 This issue affects Juniper Networks Junos OS on EX2300 Series, EX3400 Series: All versions prior to 18.4R3-S11; 19.1 versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2.

The weakness was presented 10/18/2022 as JSA69890. The advisory is shared at kb.juniper.net. The identification of this vulnerability is CVE-2022-22234 since 12/21/2021. Neither technical details nor an exploit are publicly available.

Upgrading eliminates this vulnerability.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Type

• Router Operating System

Vendor

• Juniper

Name

• Junos OS

License

• commercial

Website

• Vendor: https://www.juniper.net/

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion