CVE-2023-24513Buffer Over-read in Cloudeos

CWE-126Buffer Over-readCWE-125Out-of-bounds Read3 documents3 sources
Severity
7.5HIGHNVD
CNA6.5
EPSS
0.5%
top 33.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Arista CloudeosArista Networks EOS
Timeline
PublishedApr 12

Description

On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDarista/cloudeos4.26.04.26.9m+3
CVEListV5arista_networks/eos4.29.04.29.1F+3

Patches

Patch: www.arista.comPatch: www.arista.com

🔴Vulnerability Details

2
CVEList
On affected platforms running Arista CloudEOS a size check bypass issue in the Software Forwarding Engine (Sfe) may allow buffer over reads in later code. Additionally, depending on configured options2023-04-12
GHSA
GHSA-c6gg-q5f6-74fh: On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sen2023-04-12
CVE-2023-24513 — Buffer Over-read in Arista Cloudeos | cvebase