First published: Wed Apr 12 2023 (Updated: )
On affected platforms running Arista CloudEOS, an issue in the Software Forwarding Engine (Sfe) can lead to a denial of service when malformed packets are sent to the switch. The malformed packets cause a leak of packet buffers and, if enough of them are received, the switch may eventually stop forwarding traffic.
Credit: psirt@arista.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arista CloudEOS | >=4.26.0 <4.26.9m | Upgrade to 4.26.9M or later |
| Arista CloudEOS | >=4.27.0 <4.27.8m | Upgrade to 4.27.8M or later |
| Arista CloudEOS | >=4.28.0 <4.28.5m | Upgrade to 4.28.5M or later |
| Arista CloudEOS | >=4.29.0 <4.29.2f | Upgrade to 4.29.2F or later |
| Arista Dca-200-veos | | |
https://www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085
The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release train, which contains all the fixes listed below. CVE-2023-24545 has been fixed in the following releases:

- 4.29.2F and later releases in the 4.29.x train
- 4.28.5M and later releases in the 4.28.x train
- 4.27.8M and later releases in the 4.27.x train
- 4.26.9M and later releases in the 4.26.x train
The following hotfixes can be applied to remediate both CVE-2023-24545 and CVE-2023-24513. Due to the size of the hotfixes, there are multiple files. Each hotfix applies to a specific set of release trains:

Note: Installing/uninstalling the SWIX will cause the Sfe agent to restart and stop forwarding traffic for up to 10 seconds.

- 4.29.1F and below releases in the 4.29.x train: URL: SecurityAdvisory85_4.29_Hotfix.swix; SWIX Hash (SHA-512): c965e149cbbaa8698648af9290c5a728e9fe635186eee7629b789502ef37db4a94beea5ecd20e1dc8a19c2cc8988052b625cfccf764c28b8b0e9e4eef8e79bb4
- 4.28.5M and below releases in the 4.28.x train: URL: SecurityAdvisory85_4.28_Hotfix.swix; SWIX Hash (SHA-512): 522d51c6548111d9819ef8b1523b8798ac6847012955e3f885c6f466c81468960fbd4497b45289c8f77297263111340fbdbd7003a30b64e3ef9a270ace62c079
- 4.27.8M and below releases in the 4.27.x train: URL: SecurityAdvisory85_4.27_Hotfix.swix; SWIX Hash (SHA-512): 5ce5479c11abf185f50d484204555b2dfb9b1c93e8f475d027082ca0951cbfca0f331960a1dd111b8c079264b1dab31b0a62c8daf011afb27b1283c2382747a2
- 4.26.9M and below releases in the 4.26.x train: URL: SecurityAdvisory85_4.26_Hotfix.swix; SWIX Hash (SHA-512): 9386f12a24f35679bdeb08d506bf0bddb9703d1ef3043de2c06d09ff47f2dd0d1bd7aca0748febb5b04fbdeaed7c4ae2922086fb638c754c3a9a5384306396d2
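As an added triage helper (not Arista's or SecAlerts' code), the script below maps a running CloudEOS version string onto the affected ranges in the table above, names the first remediated release for that train, and checks a downloaded hotfix file against the SHA-512 values listed above. The version-string format (`4.28.3.1M`, optional trailing `-...` suffix) and taking the version from `show version` are assumptions.

```python
import hashlib
import hmac
import re

# Affected ranges from the advisory table: lower bound inclusive, upper bound
# exclusive. The upper bound of each train is its first remediated release.
AFFECTED_RANGES = {
    (4, 26): ("4.26.0", "4.26.9M"),
    (4, 27): ("4.27.0", "4.27.8M"),
    (4, 28): ("4.28.0", "4.28.5M"),
    (4, 29): ("4.29.0", "4.29.2F"),
}

# SHA-512 values for the hotfix SWIX files, copied from the advisory text above.
HOTFIX_SHA512 = {
    "SecurityAdvisory85_4.29_Hotfix.swix": "c965e149cbbaa8698648af9290c5a728e9fe635186eee7629b789502ef37db4a94beea5ecd20e1dc8a19c2cc8988052b625cfccf764c28b8b0e9e4eef8e79bb4",
    "SecurityAdvisory85_4.28_Hotfix.swix": "522d51c6548111d9819ef8b1523b8798ac6847012955e3f885c6f466c81468960fbd4497b45289c8f77297263111340fbdbd7003a30b64e3ef9a270ace62c079",
    "SecurityAdvisory85_4.27_Hotfix.swix": "5ce5479c11abf185f50d484204555b2dfb9b1c93e8f475d027082ca0951cbfca0f331960a1dd111b8c079264b1dab31b0a62c8daf011afb27b1283c2382747a2",
    "SecurityAdvisory85_4.26_Hotfix.swix": "9386f12a24f35679bdeb08d506bf0bddb9703d1ef3043de2c06d09ff47f2dd0d1bd7aca0748febb5b04fbdeaed7c4ae2922086fb638c754c3a9a5384306396d2",
}

# Assumed version shape: dotted numeric fields, optional train letter (F/M),
# optional "-suffix" that is ignored for ordering.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)+)([A-Za-z]*)(?:-.*)?$")


def parse_eos_version(version):
    """Turn '4.28.3.1M' into (4, 28, 3, 1); only numeric fields take part in ordering."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised EOS version: {version!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def remediation_for(version):
    """Return the first fixed release for the version's train if the version falls in an
    affected range, or None when it is outside every range the advisory lists."""
    v = parse_eos_version(version)
    rng = AFFECTED_RANGES.get(v[:2])
    if rng is None:
        return None
    low, fixed = rng
    return fixed if parse_eos_version(low) <= v < parse_eos_version(fixed) else None


def sha512_hex(data):
    return hashlib.sha512(data).hexdigest()


def swix_hash_matches(data, expected_hex):
    """Constant-time comparison of a downloaded SWIX image against the advisory hash."""
    return hmac.compare_digest(sha512_hex(data), expected_hex.lower())


if __name__ == "__main__":
    for ver in ("4.28.3.1M", "4.29.1F", "4.29.2F", "4.30.0F"):
        print(ver, "->", remediation_for(ver) or "not in an affected range")
```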
CVE-2023-24545 is a vulnerability in Arista CloudEOS that can lead to a denial of service attack by sending malformed packets to the switch.
CVE-2023-24545 has a severity rating of 7.5 (high).
Affected platforms include Arista CloudEOS versions 4.26.0 to 4.26.9m, 4.27.0 to 4.27.8m, 4.28.0 to 4.28.5m, and 4.29.0 to 4.29.2f.
CVE-2023-24545 causes a leak of packet buffers on affected platforms, and if enough malformed packets are received, the switch may eventually stop working.
To mitigate the vulnerability, it is recommended to update Arista CloudEOS to a patched version as specified in the vendor's security advisory.