On affected platforms running Arista CloudEOS, a size check bypass issue in the Software Forwarding Engine (Sfe) may allow buffer over-reads in later code. Additionally, depending on configured options, this may cause a recomputation of the TCP checksum ...
CVE-2023-24513
6.5 MEDIUM
What is CVE-2023-24513?
A vulnerability exists in Arista CloudEOS that affects the Software Forwarding Engine (SFE). When malformed packets are sent to the switch, it may result in packet buffer leaks. If the switch receives a substantial amount of these malformed packets, it can cease forwarding traffic, leading to potential network outages and degraded service. This underscores the necessity for robust network security measures and timely updates.
Affected Version(s)
EOS 4.29.0 <= 4.29.1F
EOS 4.28.0 <= 4.28.5M
EOS 4.27.0 <= 4.27.8M