CVE-2018-5254

Name of the Vulnerable Software and Affected Versions Arista EOS versions prior to 4.20.2F

Description The issue allows remote BGP peers to cause a denial of service by sending an UPDATE message with a malformed path attribute, leading to a restart of the Rib agent. This type of malicious BGP update is not typically expected in production environments and would need to be crafted and sent by a malicious BGP speaker.

Recommendations For versions prior to 4.20.2F, update to version 4.20.2F or later to resolve the issue. As a temporary workaround, consider restricting access to only trusted BGP peers to minimize the risk of exploitation.