Arista Security Advisories
Security Advisory 0089
Date: August 23, 2023
Revision
Date
Changes
1.0
August 23, 2023
Initial release
The CVE-ID tracking this issue: CVE-2023-24548 CVSSv3.1 Base Score: 5.3 (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) Common Weakness Enumeration: CWE-120 Buffer Copy without Checking Size of Input This vulnerability is being tracked by BUG 828687
Description
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel an ...
Security Advisory 0088
Date: August 23, 2023
Revision
Date
Changes
1.0
August 23, 2023
Initial release
The CVE-ID tracking this issue: CVE-2023-3646 CVSSv3.1 Base Score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) Common Weakness Enumeration: CWE-125 Out-of-bounds Read This vulnerability is being tracked by BUG829136, which is triggered by BUG765111
Description
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error m ...