CVE-2021-28510: For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
First published: Tue Jan 24 2023(Updated: )
For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable.
Credit: psirt@arista.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arista EOS | <4.23.10 | |
| Arista EOS | >=4.24.0<4.24.8 | |
| Arista EOS | >=4.25.0<4.25.6 | |
| Arista EOS | >=4.26.0<4.26.4 | |
| Arista EOS | >=4.27.0<4.27.1 | |
| Arista 7020r | ||
| Arista 7050cx3-32s | ||
| Arista 7050cx3m-32s | ||
| Arista 7050qx-32s | ||
| Arista 7050qx2-32s | ||
| Arista 7050sx-128 | ||
| Arista 7050sx-64 | ||
| Arista 7050sx-72q | ||
| Arista 7050sx2-128 | ||
| Arista 7050sx2-72q | ||
| Arista 7050sx3-48c8 | ||
| Arista 7050sx3-48yc | ||
| Arista 7050sx3-48yc12 | ||
| Arista 7050sx3-48yc8 | ||
| Arista 7050sx3-96yc8 | ||
| Arista 7050tx-48 | ||
| Arista 7050tx-64 | ||
| Arista 7050tx-72q | ||
| Arista 7050tx2-128 | ||
| Arista 7050tx3-48c8 | ||
| Arista 7060cx-32s | ||
| Arista 7060cx2-32s | ||
| Arista 7060dx4-32 | ||
| Arista 7060px4-32 | ||
| Arista 7060sx2-48yc6 | ||
| Arista 7150s-24 | ||
| Arista 7150s-52 | ||
| Arista 7150s-64 | ||
| Arista 7150sc-24 | ||
| Arista 7150sc-64 | ||
| Arista 7170-32c | ||
| Arista 7170-32cd | ||
| Arista 7170-64c | ||
| Arista 720xp-24y6 | ||
| Arista 720xp-24zy4 | ||
| Arista 720xp-48y6 | ||
| Arista 720xp-48zc2 | ||
| Arista 720xp-96zc2 | ||
| Arista 7250qx-64 | ||
| Arista 7260cx | ||
| Arista 7260cx3 | ||
| Arista 7260cx3-64 | ||
| Arista 7260qx | ||
| Arista 7280e | ||
| Arista 7280r | ||
| Arista 7280r2 | ||
| Arista 7280r3 | ||
| Arista 7280sr3-48yc8 | ||
| Arista 7280sr3k-48yc8 | ||
| Arista 7300x-32q | ||
| Arista 7300x-64s | ||
| Arista 7300x-64t | ||
| Arista 7300x3-32c | ||
| Arista 7300x3-48yc4 | ||
| Arista 7304x3 | ||
| Arista 7308x3 | ||
| Arista 7320x-32c | ||
| Arista 7324x | ||
| Arista 7328x | ||
| Arista 7368x4 | ||
| Arista 7500e | ||
| Arista 7500r | ||
| Arista 7500r2 | ||
| Arista 7500r3 | ||
| Arista 7500r3-24d | ||
| Arista 7500r3-24p | ||
| Arista 7500r3-36cq | ||
| Arista 7500r3k-36cq | ||
| Arista 7504r3 | ||
| Arista 7508r3 | ||
| Arista 7512r3 | ||
| Arista 7800r3-36p | ||
| Arista 7800r3-48cq | ||
| Arista 7800r3k-48cq | ||
| Arista 7804r3 | ||
| Arista 7808r3 |
Remedy
The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Artista recommends customers move to the latest version of each release that contains all the fixes listed below. CVE-2021-28510 has been fixed in the following releases: 4.27.2 and later releases in the 4.27.x train 4.26.5 and later releases in the 4.26.x train 4.25.7 and later releases in the 4.25.x train 4.24.9 and later releases in the 4.24.x train 4.23.11 and later releases in the 4.23.x train
Remedy
Hotfix The following hotfix can be applied to remediate CVE-2021-28510 Note: Installing/uninstalling the SWIX will cause the PTP agent to restart. Version: 1.0 URL:SecurityAdvisory76_CVE-2021-28510_Hotfix.swix SWIX hash: (SHA-512)2b78b8274b7c73083775b0327e13819c655db07e22b80038bb3843002c679a798b53a4638c549a86183e01a835377bf262d27e60020a39516a5d215e2fadb437
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/author
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/arista
- canonical/arista eos
- version/arista eos/4.24.0
- version/arista eos/4.25.0
- version/arista eos/4.26.0
- version/arista eos/4.27.0
- canonical/arista 7020r
- canonical/arista 7050cx3-32s
- canonical/arista 7050cx3m-32s
- canonical/arista 7050qx-32s
- canonical/arista 7050qx2-32s
- canonical/arista 7050sx-128
- canonical/arista 7050sx-64
- canonical/arista 7050sx-72q
- canonical/arista 7050sx2-128
- canonical/arista 7050sx2-72q
- canonical/arista 7050sx3-48c8
- canonical/arista 7050sx3-48yc
- canonical/arista 7050sx3-48yc12
- canonical/arista 7050sx3-48yc8
- canonical/arista 7050sx3-96yc8
- canonical/arista 7050tx-48
- canonical/arista 7050tx-64
- canonical/arista 7050tx-72q
- canonical/arista 7050tx2-128
- canonical/arista 7050tx3-48c8
- canonical/arista 7060cx-32s
- canonical/arista 7060cx2-32s
- canonical/arista 7060dx4-32
- canonical/arista 7060px4-32
- canonical/arista 7060sx2-48yc6
- canonical/arista 7150s-24
- canonical/arista 7150s-52
- canonical/arista 7150s-64
- canonical/arista 7150sc-24
- canonical/arista 7150sc-64
- canonical/arista 7170-32c
- canonical/arista 7170-32cd
- canonical/arista 7170-64c
- canonical/arista 720xp-24y6
- canonical/arista 720xp-24zy4
- canonical/arista 720xp-48y6
- canonical/arista 720xp-48zc2
- canonical/arista 720xp-96zc2
- canonical/arista 7250qx-64
- canonical/arista 7260cx
- canonical/arista 7260cx3
- canonical/arista 7260cx3-64
- canonical/arista 7260qx
- canonical/arista 7280e
- canonical/arista 7280r
- canonical/arista 7280r2
- canonical/arista 7280r3
- canonical/arista 7280sr3-48yc8
- canonical/arista 7280sr3k-48yc8
- canonical/arista 7300x-32q
- canonical/arista 7300x-64s
- canonical/arista 7300x-64t
- canonical/arista 7300x3-32c
- canonical/arista 7300x3-48yc4
- canonical/arista 7304x3
- canonical/arista 7308x3
- canonical/arista 7320x-32c
- canonical/arista 7324x
- canonical/arista 7328x
- canonical/arista 7368x4
- canonical/arista 7500e
- canonical/arista 7500r
- canonical/arista 7500r2
- canonical/arista 7500r3
- canonical/arista 7500r3-24d
- canonical/arista 7500r3-24p
- canonical/arista 7500r3-36cq
- canonical/arista 7500r3k-36cq
- canonical/arista 7504r3
- canonical/arista 7508r3
- canonical/arista 7512r3
- canonical/arista 7800r3-36p
- canonical/arista 7800r3-48cq
- canonical/arista 7800r3k-48cq
- canonical/arista 7804r3
- canonical/arista 7808r3