CVE-2020-15898
https://notcve.org/view.php?id=CVE-2020-15898
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not bidirectional traffic (ex. TCP). This affects: EOS 7170 platforms version 4.21.4.1F and below releases in the 4.21.x train; EOS X-Series versions 4.21.11M and below releases in the 4.21.x train; 4.22.6M and below releases in the 4.22.x train; 4.23.4M and below releases in the 4.23.x train; 4.24.2.1F and below releases in the 4.24.x train. • https://www.arista.com/en/support/advisories-notices/security-advisories/11996-security-advisory-56 •
CVE-2020-24360
https://notcve.org/view.php?id=CVE-2020-24360
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train. Un problema con los paquetes ARP en el EOS de Arista afectando a la serie de productos 7800R3, 7500R3 y 7280R3, puede resultar en un problema que causa un bloqueo del kernel, seguido de una recarga del dispositivo. Las versiones de Arista EOS afectadas son: 4.24.2.4F y versiones por debajo en el tren 4.24.x; 4.23.4M y versiones por debajo en el tren 4.23.x; 4.22.6M y versiones por debajo en el tren 4.22.x • https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59 • CWE-404: Improper Resource Shutdown or Release •
CVE-2020-26569
https://notcve.org/view.php?id=CVE-2020-26569
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train. En unas configuraciones EVPN VxLAN en Arista EOS, los paquetes malformados específicos pueden conllevar a enlaces incorrectos de MAC a IP y, como resultado, los paquetes pueden ser reenviados incorrectamente a través de los límites de la VLAN. Esto puede causar que el tráfico se descarte en la VLAN receptora. • https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57 •
CVE-2020-15897
https://notcve.org/view.php?id=CVE-2020-15897
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router. Arista EOS versiones anteriores a 4.21.12M, versiones 4.22.x anteriores a 4.22.7M, versiones 4.23.x anteriores a 4.23.5M y versiones 4.24.x anteriores a 4.24.2F, permite a atacantes remotos causar pérdida de tráfico o reenvío incorrecto de tráfico por medio de una PDU de estado de enlace malformado hacia el enrutador IS-IS • https://www.arista.com/en/support/advisories-notices/security-advisories/11760-security-advisory-54 •
CVE-2020-17355
https://notcve.org/view.php?id=CVE-2020-17355
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed. Arista EOS versiones anteriores a 4.21.12M, 4.22.x versiones anteriores a 4.22.7M, 4.23.x versiones anteriores a 4.23.5M y 4.24.x versiones anteriores a 4.24.2F, permite a atacantes remotos causar una denegación de servicio (reinicio de agentes) por medio de la creación de un paquete DHCP malformado que conlleva a la instalación de una ruta inapropiada • https://www.arista.com/en/support/advisories-notices/security-advisories/11759-security-advisory-53 •