Arista Security Advisories

Date: June 26th, 2019 Version: 1.0 Revision Date Changes 1.0 June 26th, 2019 Initial Release     The CVE-IDs tracking this issue are CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479. CVSSv3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Description: The TCP networking vulnerabilities in the Linux kernels relate to Maximum Segment Size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. This series of CVEs around the Linux kernel can be exploited b ...

.Download CVRF Date: April 16th, 2019 Version: 1.0 Revision Date Changes 1.0 April 16th, 2019 Initial Release   Description: A kernel crash can be triggered remotely through the network by certain malformed packets, specifically by sending an IP packet with rarely used packet options to a switch via a routed port. This is a publicly found vulnerability and the exposure is specific to EosKernel-3.4 that was used in the EOS releases noted below. Arista is using an upd ...