CVE-2023-24510

Summary

On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.

Affected Software

VendorProductVersion RangeStatus
Arista NetworksArista EOS4.25.0F <= 4.25.10Maffected
Arista NetworksArista EOS4.26.0F <= 4.26.9Maffected
Arista NetworksArista EOS4.27.0F <= 4.27.9Maffected
Arista NetworksArista EOS4.28.0F <= 4.28.6.1Maffected
Arista NetworksArista EOS4.29.0F <= 4.29.1Faffected

Weaknesses

  • CWE-755: CWE-755 Improper Handling of Exceptional Conditions

Workarounds

The hotfix https://www.arista.com/support/advisories-notices/sa-download?sa=87-SecurityAdvisory87_Hotfix.swix can be used to remediate CVE-2023-24510. The hotfix only applies to the releases listed below and no other releases:

  • 4.29.1F and below releases in the 4.29.x train
  • 4.28.6.1M and below releases in the 4.28.x train
  • 4.27.9M and below releases in the 4.27.x train
  • 4.26.9M and below releases in the 4.26.x train
  • 4.25.10M and below releases in the 4.25.x train

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References