CVE-2023-24545

Summary

On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.

Affected Software

VendorProductVersion RangeStatus
Arista NetworksEOS4.29.0 <= 4.29.1Faffected
Arista NetworksEOS4.28.0 <= 4.28.4Maffected
Arista NetworksEOS4.27.0 <= 4.27.7Maffected
Arista NetworksEOS4.26.8M <= 4.26.8Maffected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

Workarounds

There is no mitigation / workaround for these issues.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References