CVE-2023-24511

Summary

On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.

Affected Software

VendorProductVersion RangeStatus
Arista NetworksEOS4.28.0 4.28.5.1Maffected
Arista NetworksEOS4.27.0 4.27.8.1Maffected
Arista NetworksEOS4.26.0 4.26.9Maffected
Arista NetworksEOS4.25.0 4.25.10Maffected
Arista NetworksEOS4.24.0 4.24.11Maffected
Arista NetworksEOS4.29.0 <= 4.29.1Faffected

Weaknesses

  • CWE-401: CWE-401 Improper Release of Memory Before Removing Last Reference

Workarounds

If you suspect you are encountering this issue due to malicious activity, the workaround is to enable SNMP service ACLs to only allow specific IP addresses to query SNMP (combined with anti-spoofing ACLs in the rest of the network).

snmp-server ipv4 access-list allowHosts4 snmp-server ipv6 access-list allowHosts6 ! ipv6 access-list allowHosts6 10 permit ipv6 host <ipv6 address> any ! ip access-list allowHosts4 10 permit ip host <ipv4 address> any

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References