PT-2020-10019 · Arista · Arista Eos
Published 2020-04-14 · Updated 2021-07-21 · CVE-2019-18948
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions
Arista EOS, in the following releases:
- 4.21.x train: 4.21.8M and below
- 4.22.x train: 4.22.3M and below
- 4.23.x train: 4.23.1F and below
- 4.15.x, 4.16.x, 4.17.x, 4.18.x, 4.19.x and 4.20.x: all releases

Description
A flaw in the VxLAN implementation of Arista EOS allows certain malformed ARP packets to disrupt software forwarding of VxLAN packets and to crash or restart the VxlanSwFwd agent. Setups that use MLAG or VxLAN routing are particularly exposed. The impact is to availability only (CVSS A:H, no confidentiality or integrity impact): while the agent is down, VxLAN traffic that depends on software forwarding is not forwarded, and an attacker who can keep sending such packets can keep the agent crashing. The defect is in the EOS VxLAN code itself.

Recommendations
Upgrade to a release that contains the fix:
- 4.21.x train: 4.21.8M and below are affected; update to a release above 4.21.8M.
- 4.22.x train: 4.22.3M and below are affected; update to a release above 4.22.3M.
- 4.23.x train: 4.23.1F and below are affected; update to a release above 4.23.1F.
- 4.15.x through 4.20.x: no fixed release is named for these trains; upgrade to a fixed release in one of the trains above.
Until the upgrade is done, reduce exposure rather than rely on the agent restarting on its own. Since the trigger is a malformed ARP packet handled by the VxLAN software forwarding path, limit which hosts can inject traffic into VxLAN-enabled VLANs (do not attach untrusted hosts to them), disable VxLAN where it is not needed, and watch the device logs for unexpected VxlanSwFwd agent restarts, which indicate that the condition is being triggered.
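The affected-version logic above, as an added example that a practitioner can run against an inventory of EOS version strings (this is not code from Arista or from this advisory; the thresholds are copied from the recommendations). Assumptions: EOS version strings are dot-separated integers with an optional trailing release-type letter such as M or F, the letter does not affect ordering, and a four-component point release (for example 4.21.8.1M) is ordered literally, so a point release numerically above a threshold is reported as fixed; confirm such cases against the vendor advisory.

```python
"""Classify Arista EOS version strings against the CVE-2019-18948 ranges
listed in this advisory.  Added example, not Arista's or the advisory's
own code; thresholds are taken from the advisory text."""
import re
from typing import Tuple

# Trains that received a fix: the last affected release in each, per the
# advisory ("4.21.8M and below", "4.22.3M and below", "4.23.1F and below").
AFFECTED_THROUGH = {
    (4, 21): (4, 21, 8),
    (4, 22): (4, 22, 3),
    (4, 23): (4, 23, 1),
}

# Trains the advisory lists as affected with no fixed release named.
UNFIXED_TRAINS = {(4, 15), (4, 16), (4, 17), (4, 18), (4, 19), (4, 20)}

# Assumption: digits separated by dots, optional trailing release-type letters.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)+)([A-Za-z]*)$")


def parse_eos_version(version: str) -> Tuple[Tuple[int, ...], str]:
    """Split '4.21.8M' into ((4, 21, 8), 'M').

    The trailing letter (M = maintenance, F = feature) identifies the
    release type and is ignored when ordering releases."""
    match = _VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised EOS version string: {version!r}")
    numbers = tuple(int(part) for part in match.group(1).split("."))
    return numbers, match.group(2)


def cve_2019_18948_status(version: str) -> str:
    """Return 'affected', 'fixed' or 'not listed' for one EOS version.

    'not listed' means the train is not named in the advisory at all
    (e.g. 4.24.x), which is different from 'fixed'."""
    numbers, _ = parse_eos_version(version)
    train = numbers[:2]
    if train in UNFIXED_TRAINS:
        return "affected"
    if train in AFFECTED_THROUGH:
        # Tuple comparison handles point releases: (4, 21, 7, 3) <= (4, 21, 8)
        # is affected, (4, 21, 8, 1) is above the literal threshold.
        return "affected" if numbers <= AFFECTED_THROUGH[train] else "fixed"
    return "not listed"


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    inventory = {
        "leaf1": "4.21.8M",
        "leaf2": "4.21.9M",
        "spine1": "4.22.3M",
        "spine2": "4.23.2F",
        "border1": "4.20.14M",
        "lab1": "4.24.0F",
    }
    for host, ver in inventory.items():
        print(f"{host:8} {ver:10} {cve_2019_18948_status(ver)}")
```

Run it on the output of `show version` collected from each switch; hosts reported as "affected" go on the upgrade list, and "not listed" hosts should be checked against the vendor advisory rather than assumed safe.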


Related Identifiers

CVE-2019-18948

Affected Products

Arista Eos