CVE-2022-22195 | Vulnerability Database | Aqua Security

An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS.

Weakness

The product uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.

Affected Software

Name	Vendor	Start Version	End Version
Junos_os_evolved	Juniper	*	20.4 (excluding)
Junos_os_evolved	Juniper	20.4-r1 (including)	20.4-r1 (including)
Junos_os_evolved	Juniper	20.4-r1-s1 (including)	20.4-r1-s1 (including)
Junos_os_evolved	Juniper	20.4-r1-s2 (including)	20.4-r1-s2 (including)
Junos_os_evolved	Juniper	20.4-r2 (including)	20.4-r2 (including)
Junos_os_evolved	Juniper	20.4-r2-s1 (including)	20.4-r2-s1 (including)
Junos_os_evolved	Juniper	20.4-r2-s2 (including)	20.4-r2-s2 (including)
Junos_os_evolved	Juniper	20.4-r2-s3 (including)	20.4-r2-s3 (including)
Junos_os_evolved	Juniper	20.4-r3 (including)	20.4-r3 (including)
Junos_os_evolved	Juniper	21.1-r1 (including)	21.1-r1 (including)
Junos_os_evolved	Juniper	21.1-r1-s1 (including)	21.1-r1-s1 (including)
Junos_os_evolved	Juniper	21.1-r2 (including)	21.1-r2 (including)
Junos_os_evolved	Juniper	21.2-r1 (including)	21.2-r1 (including)
Junos_os_evolved	Juniper	21.2-r1-s1 (including)	21.2-r1-s1 (including)
Junos_os_evolved	Juniper	21.2-r2 (including)	21.2-r2 (including)
Junos_os_evolved	Juniper	21.3-r1 (including)	21.3-r1 (including)
Junos_os_evolved	Juniper	21.3-r1-s1 (including)	21.3-r1-s1 (including)

References

https://kb.juniper.net/JSA69508

NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-22195
CWE	https://cwe.mitre.org/data/definitions/911.html