Arista Security Advisories

Date: August 23, 2023   Revision Date Changes 1.0 August 23, 2023 Initial release   The CVE-ID tracking this issue: CVE-2023-24548 CVSSv3.1 Base Score: 5.3 (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) Common Weakness Enumeration: CWE-120 Buffer Copy without Checking Size of Input This vulnerability is being tracked by BUG 828687 Description On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel an ...

Date: August 23, 2023     Revision Date Changes 1.0 August 23, 2023 Initial release The CVE-ID tracking this issue: CVE-2023-3646 CVSSv3.1 Base Score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) Common Weakness Enumeration: CWE-125 Out-of-bounds Read This vulnerability is being tracked by BUG829136, which is triggered by BUG765111 Description On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error m ...