CVE-2026-2379

Summary

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulting in sequence number mismatches between tunnel endpoints potentially causing unstable communication.

Affected Software

VendorProductVersion RangeStatus
Arista NetworksEOS4.34.0 <= 4.34.3Maffected
Arista NetworksEOS4.33.0M <= 4.33.5Maffected
Arista NetworksEOS4.32.0M <= 4.32.7Maffected
Arista NetworksEOS4.31.0M <= 4.31.9Maffected
Arista NetworksEOS4.30.0F < 4.31.0affected
Arista NetworksEOS4.29.0F < 4.30.0affected
Arista NetworksEOS4.28.0F < 4.29.0affected
Arista NetworksEOS4.27.1F < 4.28.0affected

Weaknesses

  • CWE-672: CWE-672: Operation on a Resource after Expiration or Release

Workarounds

There is no known mitigation for CVE-2026-2379. The recommended resolution is to upgrade to a remediated software version at your earliest convenience.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References