CVE-2023-24513

Summary

On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.

Affected Software

VendorProductVersion RangeStatus
Arista NetworksEOS4.29.0 <= 4.29.1Faffected
Arista NetworksEOS4.28.0 <= 4.28.5Maffected
Arista NetworksEOS4.27.0 <= 4.27.8Maffected
Arista NetworksEOS4.26.0 <= 4.26.9Maffected

Weaknesses

  • CWE-126: CWE-126 Buffer Over-read

Workarounds

There is no mitigation / workaround for these issues.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References