Eos Security Vulnerabilities and Issues — Eos CVE List

Lucene search

AristaEos

11 matches found

CVE•added 2020/03/06 3:15 p.m.•649 views

CVE-2020-10188

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.

10CVSS9.9AI score0.11181EPSS

CVE•added 2020/01/31 10:15 p.m.•236 views

CVE-2015-6815

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

3.5CVSS5AI score0.01897EPSS

CVE•added 2020/01/23 8:15 p.m.•109 views

CVE-2015-5745

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.

6.5CVSS6.1AI score0.01476EPSS

CVE•added 2020/01/23 8:15 p.m.•105 views

CVE-2015-5278

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

6.5CVSS7.3AI score0.01817EPSS

CVE•added 2020/01/23 8:15 p.m.•101 views

CVE-2015-5239

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

6.5CVSS6.4AI score0.043EPSS

CVE•added 2020/12/28 7:15 p.m.•67 views

CVE-2020-15898

In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not bidirectional traffic (ex. TCP). This affects: EOS 7170 platforms version 4.21.4.1F and below rele...

5.3CVSS5.2AI score0.00212EPSS

CVE•added 2020/12/28 7:15 p.m.•64 views

CVE-2020-24360

An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in th...

7.4CVSS7.3AI score0.00101EPSS

CVE•added 2020/12/28 4:15 p.m.•63 views

CVE-2020-26569

In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases i...

5.9CVSS5.7AI score0.00389EPSS

CVE•added 2020/04/16 7:15 p.m.•35 views

CVE-2019-18948

An issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding of VxLAN packets. This issue is found in Arista’s EOS VxLAN code, which can allow attackers to crash the VxlanSwFwd agent. This affects EOS 4.21.8M and below releases in the 4.21.x train, 4.22.3M and...

7.5CVSS7.4AI score0.00457EPSS

CVE•added 2020/10/21 10:15 p.m.•33 views

CVE-2020-17355

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.

7.5CVSS7.4AI score0.0056EPSS

CVE•added 2020/10/26 4:15 p.m.•28 views

CVE-2020-15897

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.

7.5CVSS7.5AI score0.00691EPSS