PT-2025-3689 · Arista · Arista EOS

Published: 2025-01-10 · Updated: 2025-01-14 · CVE-2024-7095

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Arista EOS versions prior to 4.32.2F

Description

On affected platforms running Arista EOS with SNMP configured, if snmp-server transmit max-size is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated, causing SNMP requests to time out until snmpd is restarted, and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well.

Recommendations

For Arista EOS versions prior to 4.32.2F, consider disabling the snmp-server transmit max-size configuration to prevent the memory leak until a patch is available. Restrict access to the SNMP service to minimize the risk of exploitation. As a temporary workaround, monitor the system's memory usage and restart the snmpd process if necessary to prevent unexpected terminations.
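
The exposure condition described above (a version prior to 4.32.2F together with an active snmp-server transmit max-size line) can be checked offline against saved switch output. This is an added example, not Arista's or this database's code; it assumes the version is read from the `Software image version:` line of `show version`, and the sample inputs, including the numeric argument on the max-size line, are constructed.

```python
import re

FIXED = (4, 32, 2)  # from the page: versions prior to 4.32.2F are affected

# Constructed sample inputs (not captured from a real switch).
SAMPLE_VERSION = "Software image version: 4.31.4M\n"
SAMPLE_CONFIG = """\
snmp-server community EXAMPLE ro
snmp-server transmit max-size 1400
!
interface Management1
"""

def parse_eos_version(show_version: str):
    """Return the numeric part of the EOS version, e.g. '4.31.4M' -> (4, 31, 4)."""
    m = re.search(r"Software image version:\s*(\d+(?:\.\d+)+)", show_version)
    if not m:
        raise ValueError("no 'Software image version' line found")
    return tuple(int(p) for p in m.group(1).split("."))

def max_size_lines(running_config: str):
    """Return active max-size lines; 'no ...' and 'default ...' forms are skipped."""
    return [ln.strip() for ln in running_config.splitlines()
            if ln.strip().startswith("snmp-server transmit max-size")]

def assess(show_version: str, running_config: str):
    """Classify one device from its saved 'show version' and running-config text."""
    version = parse_eos_version(show_version)
    # Pad so 4.32 compares as 4.32.0 and 4.32.2.1 compares above 4.32.2.
    width = max(len(version), len(FIXED))
    pad = lambda v: v + (0,) * (width - len(v))
    old = pad(version) < pad(FIXED)
    hits = max_size_lines(running_config)
    if old and hits:
        status = "exposed"
    elif old:
        status = "affected-version-not-configured"
    else:
        status = "fixed-version"
    return {"version": version, "status": status, "config_lines": hits}

if __name__ == "__main__":
    print(assess(SAMPLE_VERSION, SAMPLE_CONFIG))
```
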

Fix

DoS

Memory Leak

Weakness Enumeration

Related Identifiers

CVE-2024-7095

Affected Products

Arista EOS