153 matches found
CVE-2025-8873
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...
EUVD-2025-210068
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...
CVE-2025-8873 Arista EOS Dataplane Denial of Service via Malformed IPsec Packet
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...
CVE-2025-8873 Arista EOS Dataplane Denial of Service via Malformed IPsec Packet
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...
CVE-2025-8873
CVE-2025-8873 affects Arista EOS with IPsec enabled: a specially crafted packet can stop dataplane processing of all IPsec traffic, with control plane detecting and resetting the IPsec pipeline; after reset, IPsec traffic may not resume. Non-IPsec traffic is unaffected. Affected EOS releases incl...
Arista Networks EOS Buffer Overflow (SA0132)
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic. Note that Nessus has...
CVE-2025-7048
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic...
CVE-2025-7048
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic...
CVE-2025-7048 On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption o
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic...
CVE-2025-7048 On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption o
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain MACsec configurations can cause longer term disruption of dataplane traffic...
CVE-2025-7048
CVE-2025-7048 affects Arista EOS with MACsec enabled. The issue, described as a buffer overflow in the MACsec component, can cause the MACsec process to terminate and, with continued malformed packets, may disrupt dataplane traffic. Affected EOS versions include releases up to 4.34.x/4.33.x/4.32....
SUSE CVE-2025-64715
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network...
PT-2026-1501
Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description A specially crafted packet can cause the MACsec process to terminate unexpectedly on affected platforms running Arista EOS with MACsec configuration. Continuous receipt of these packets wi...
Security Advisory 0132
Security Advisory 0132 . CSAF PDF Date: December 30, 2025 Revision | Date | Changes ---|---|--- 1.0 | December 30, 2025 | Initial release 1.1 | February 3, 2026 | Updated Required Configuration for Exploitation The CVE-ID tracking this issue: CVE-2025-7048 CVSS:3.1 Base Score 4.3...
Security Advisory 0127
Security Advisory 0127 . CSAF PDF Date: November 18, 2025 Revision | Date | Changes ---|---|--- 1.0 | November 18, 2025 | Initial release The CVE-ID tracking this issue: CVE-2025-8873 CVSSv3.1 Base Score: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSSv4.0 Base Score 8.7...
EUVD-2025-175383
A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is...
CVE-2025-4619 PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets
A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is...
CVE-2025-4619 PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets
A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, or 11.2.x. It is, therefore, affected by a vulnerability. A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a...
Kgateway transformation policy template can emit files from the container
Summary The transformation policy template feature in Kgateway versions through 2.0.4 allows users with TrafficPolicy creation permissions to craft transformations that read and expose arbitrary files from the dataplane container filesystem. Description Impact Users with permissions to create a...