Memory Leak Vulnerability in Arista EOS with SNMP Configuration
CVE-2024-7095
What is CVE-2024-7095?
On systems running Arista EOS where SNMP is configured, an issue arises when the 'snmp-server transmit max-size' parameter is set. Under specific conditions, a crafted packet can exploit this configuration, leading to a memory leak within the snmpd process. This malfunction could terminate the snmpd process, resulting in SNMP requests failing until the service is restarted, and it may create additional memory pressure that risks the stability of other processes within the switch. Users are advised to review their SNMP configurations and take preventive measures as outlined in Arista's security advisory.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.