CVE-2023-24548: Security Advisory and Response

Learn about CVE-2023-24548 affecting Arista EOS platforms with VXLAN. Impact, technical details, affected systems, and mitigation strategies provided.

This article provides detailed information about CVE-2023-24548, including its impact, technical details, affected systems, and mitigation strategies.

Understanding CVE-2023-24548

CVE-2023-24548 pertains to a vulnerability affecting platforms running Arista EOS with configured VXLAN. It involves the reception of malformed or truncated packets over a VXLAN tunnel, leading to egress ports being unable to forward packets until remediation is applied.

What is CVE-2023-24548?

The vulnerability in CVE-2023-24548 can cause issues in hardware forwarding of packets when malformed or truncated packets are received over a VXLAN tunnel on Arista EOS platforms with VXLAN configured.

The Impact of CVE-2023-24548

The impact of this vulnerability is significant, as it can disrupt the forwarding of packets on affected platforms until the necessary remediation is implemented.

Technical Details of CVE-2023-24548

A platform is vulnerable to CVE-2023-24548 only when certain conditions are met, including IP routing being enabled, VXLAN being configured, and a VXLAN extended VLAN or VNI being routable. The detailed configurations required are provided for each condition.

Vulnerability Description

The vulnerability arises from the reception of malformed or truncated packets over a VXLAN tunnel on Arista EOS platforms, causing egress ports to be unable to forward packets.

Affected Systems and Versions

Platforms running Arista EOS with the following affected versions are susceptible to CVE-2023-24548:

        4.25.0F
        4.24.0
        4.23.0
        4.22.1F

Exploitation Mechanism

The exploitation occurs when malformed or truncated packets over a VXLAN tunnel disrupt hardware forwarding on Arista EOS platforms.

Mitigation and Prevention

It is crucial to address CVE-2023-24548 promptly to prevent any disruptions caused by the vulnerability.

Immediate Steps to Take

There are no specific workarounds available for CVE-2023-24548. The recommended resolution is to upgrade to a remediated software version as soon as possible.

Long-Term Security Practices

Regularly updating and maintaining the software on Arista EOS platforms is essential to prevent vulnerabilities like CVE-2023-24548.

Patching and Updates

CVE-2023-24548 has been fixed in the following Arista EOS software versions:

        4.30.0F and later releases in the 4.30.x train
        4.29.0F and later releases in the 4.29.x train
        4.28.0F and later releases in the 4.28.x train
        4.27.0F and later releases in the 4.27.x train
        4.26.0F and later releases in the 4.26.x train
        4.25.1F and later releases in the 4.25.x train

No further remediation is planned for EOS software versions beyond their standard support lifecycle.

For more information, you can refer to the Arista Security Advisory 89.
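
The following is an added example, not code from Arista or from the original article: a Python check that classifies a device's EOS version against the fixed releases listed above. The function names, status labels and sample inventory are constructed for illustration, and the check assumes releases within a train are ordered by their maintenance number.

```python
import re

# First remediated maintenance release per train, copied from the list above.
FIRST_FIXED = {(4, 30): 0, (4, 29): 0, (4, 28): 0, (4, 27): 0, (4, 26): 0, (4, 25): 1}

# Constructed sample inventory: hostname -> `show version` excerpt or bare version.
SAMPLE_INVENTORY = {
    "leaf1": "Hardware version: 11.01\nSoftware image version: 4.25.0F\n",
    "leaf2": "Software image version: 4.28.3.1M\n",
    "spine1": "4.24.0",
    "spine2": "4.31.0F",
}


def parse_eos_version(text):
    """Return (major, minor, maintenance) from `show version` text or a bare version."""
    line = re.search(r"Software image version:\s*(\S+)", text)
    token = line.group(1) if line else text.strip()
    parts = re.match(r"(\d+)\.(\d+)\.(\d+)", token)
    if parts is None:
        raise ValueError(f"unrecognised EOS version: {token!r}")
    return tuple(int(p) for p in parts.groups())


def classify(text):
    """Compare one device's version with the fixed releases listed in the article."""
    major, minor, maintenance = parse_eos_version(text)
    train = (major, minor)
    if train in FIRST_FIXED:
        # Assumption: ordering within a train follows the maintenance number;
        # the F/M suffix and any fourth component are ignored.
        return "REMEDIATED" if maintenance >= FIRST_FIXED[train] else "UPGRADE"
    if train < min(FIRST_FIXED):
        return "NO_FIX_IN_TRAIN"  # older train: no fix listed, move to a listed train
    return "NOT_LISTED"  # newer than 4.30.x: the article makes no statement


def audit(inventory):
    """Map each hostname to its classification."""
    return {host: classify(text) for host, text in inventory.items()}


if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{host:8} {status}")
```

A `NOT_LISTED` result means the train is newer than any named in this article, so its status should be confirmed against Arista Security Advisory 89.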
