Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-22173

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public Key Infrastructure (PKI) is used in combination with Certificate Revocation List (CRL), if the CRL fails to download the memory allocated to store the CRL is not released. Repeated occurrences will eventually consume all available memory and lead to an inoperable state of the affected system causing a DoS. This issue affects Juniper Networks Junos OS: All versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue can be observed by monitoring the memory utilization of the pkid process via: root@jtac-srx1500-r2003> show system processes extensive | match pki 20931 root 20 0 733M 14352K select 0:00 0.00% pkid which increases over time: root@jtac-srx1500-r2003> show system processes extensive | match pki 22587 root 20 0 901M 181M select 0:03 0.00% pkid

Published

2022-01-19T01:15:09.267

Last Modified

2024-11-21T06:46:18.913

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-401

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	< 18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.3	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	18.4	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.1	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.2	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.3	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	19.4	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.1	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.2	Yes
Operating System	juniper	junos	20.3	Yes
Operating System	juniper	junos	20.3	Yes
Operating System	juniper	junos	20.3	Yes
Operating System	juniper	junos	20.3	Yes
Operating System	juniper	junos	20.3	Yes
Operating System	juniper	junos	20.3	Yes
Operating System	juniper	junos	20.4	Yes
Operating System	juniper	junos	20.4	Yes
Operating System	juniper	junos	20.4	Yes
Operating System	juniper	junos	20.4	Yes
Operating System	juniper	junos	20.4	Yes
Operating System	juniper	junos	20.4	Yes
Operating System	juniper	junos	21.1	Yes
Operating System	juniper	junos	21.1	Yes
Operating System	juniper	junos	21.1	Yes
Operating System	juniper	junos	21.1	Yes
Operating System	juniper	junos	21.2	Yes
Operating System	juniper	junos	21.2	Yes

References

https://kb.juniper.net/JSA11279 Vendor Advisory ([email protected])
https://kb.juniper.net/JSA11279 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)