CVE-2023-24511

Name of the Vulnerable Software and Affected Versions Arista EOS (affected versions not specified)

Description The issue is caused by a specially crafted packet that can lead to a memory leak in the snmpd process on affected platforms running Arista EOS with SNMP configured. This may result in the snmpd processing being terminated, causing SNMP requests to time out until snmpd is automatically restarted, and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system. It was reported externally by an Arista customer, and Arista is not aware of any malicious uses of this issue in customer networks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.