Date: March 1st, 2018
| Revision | Date | Description |
| --- | --- | --- |
| 1.0 | March 1st, 2018 | Initial Release |
Affected Platforms: All EOS platforms
Affected Software Version: This issue was introduced in the EOS-4.19.0F release.
The CVE-ID tracking this issue is CVE-2018-5255
CVSS v3: 5.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
This advisory is to document a security vulnerability that affects Arista products. The switch's Mlag agent may restart unexpectedly when processing malformed UDP packets on a specific UDP port destined to the switch's IP address. Such malformed UDP packets with specific port numbers are not expected to be received in typical production environments and would have to be crafted and sent with the malformed values by a malicious user.
BUG 234146 tracks the potential crash that can be caused by this vulnerability.
The backtrace of the crash file will have the following information if the Mlag agent restarted because of this vulnerability.
    ....
    File "/usr/lib/python2.7/site-packages/MlagShared.py", line 118, in validateHeartbeatPkt
      struct.unpack( UDPHEARTBEAT_HDR_FORMAT, hdr )
    ......
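The crashing frame above is a fixed-format `struct.unpack` of a UDP heartbeat header. In Python, `struct.unpack` raises `struct.error` whenever the buffer is not exactly `struct.calcsize(fmt)` bytes, so a datagram of the wrong length that reaches this call uncaught takes the whole agent down. The following is an added illustration, not code from the advisory or from Arista's MlagShared.py: the header format, field names and sample datagrams are all assumptions constructed for this example. It contrasts the unchecked pattern with a validator that checks length and field consistency first and drops bad datagrams instead of raising.

```python
import struct

# Assumed header layout for illustration only; the real UDPHEARTBEAT_HDR_FORMAT
# in MlagShared.py is not given in the advisory.
HEARTBEAT_HDR_FORMAT = "!HHI"   # version, declared length, sequence (network order)
HEARTBEAT_HDR_LEN = struct.calcsize(HEARTBEAT_HDR_FORMAT)   # 8 bytes
SUPPORTED_VERSION = 1           # assumed


def validate_heartbeat_unchecked(hdr):
    """Pattern matching the crashing frame: unpack a fixed-size header without
    first checking the buffer length. struct.unpack raises struct.error for any
    length other than HEARTBEAT_HDR_LEN; if nothing above catches it, the
    process restarts."""
    version, length, seq = struct.unpack(HEARTBEAT_HDR_FORMAT, hdr)
    return {"version": version, "length": length, "seq": seq}


def validate_heartbeat_checked(hdr):
    """Hardened form: validate before parsing and return None for anything
    malformed, so a bad datagram is dropped rather than crashing the agent."""
    if len(hdr) < HEARTBEAT_HDR_LEN:
        return None                                     # truncated datagram
    try:
        version, length, seq = struct.unpack(
            HEARTBEAT_HDR_FORMAT, hdr[:HEARTBEAT_HDR_LEN])
    except struct.error:
        return None                                     # defensive; cannot happen after the length check
    if version != SUPPORTED_VERSION:
        return None                                     # unknown protocol version
    if length != len(hdr):
        return None                                     # declared length disagrees with what arrived
    return {"version": version, "length": length, "seq": seq}


def process_datagrams(datagrams, validator):
    """Feed a batch of datagrams through a validator and report what happens:
    how many were accepted, how many were dropped cleanly, and whether the
    'agent' died on an uncaught struct.error (what the backtrace records)."""
    accepted = dropped = 0
    for dgram in datagrams:
        try:
            result = validator(dgram)
        except struct.error as exc:
            return {"accepted": accepted, "dropped": dropped,
                    "crashed": True, "error": str(exc)}
        if result is None:
            dropped += 1
        else:
            accepted += 1
    return {"accepted": accepted, "dropped": dropped, "crashed": False}


# Constructed sample datagrams (not captured traffic).
GOOD_DATAGRAM = struct.pack(HEARTBEAT_HDR_FORMAT, 1, HEARTBEAT_HDR_LEN, 42)
SAMPLE_DATAGRAMS = [
    GOOD_DATAGRAM,                  # well-formed, 8 bytes
    GOOD_DATAGRAM[:5],              # truncated to 5 bytes
    GOOD_DATAGRAM + b"\x00" * 4,    # 12 bytes but header declares 8
    b"",                            # empty payload
]


if __name__ == "__main__":
    print("unchecked:", process_datagrams(SAMPLE_DATAGRAMS, validate_heartbeat_unchecked))
    print("checked:  ", process_datagrams(SAMPLE_DATAGRAMS, validate_heartbeat_checked))
```

Run stand-alone, the unchecked validator accepts the first datagram and then "crashes" on the truncated one, while the checked validator accepts one and drops three without raising. In a real receive loop the dropped count is also the useful detection signal: a rising count of malformed heartbeats on the Mlag port is worth alerting on even after the parser no longer crashes.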
BUG 234146 tracks this vulnerability. A fix for this issue is available from SW versions 4.19.4M and 4.20.2F onwards.
Resolution: It is recommended to upgrade EOS to a version with the fix, or to install the patch provided for affected versions of EOS.
Patch file download URL:
CVE-2018-5255-4-19-hotfix.swix for SW versions 4.19.0F, 4.19.1F, 4.19.2F, 220.127.116.11F, 18.104.22.168F, 4.19.3F
CVE-2018-5255-4-20-hotfix.swix for SW versions 4.20.1F
SHA256 sums of the patch files:
    [admin@switch flash]$ sha256sum CVE-2018-5255-4-20-hotfix.swix
    0d74ca3d1ea054d388aece073968c8d2c3d153df861230f2a4bb9871bcb49b58  CVE-2018-5255-4-20-hotfix.swix
    [admin@switch flash]$ sha256sum CVE-2018-5255-4-19-hotfix.swix
    6ed06ff7b8cc33bfd6b2e50725ff215b0abe1b4d44601d824e31efa0a23cae93  CVE-2018-5255-4-19-hotfix.swix
Instructions to install the patch:
    switch#copy scp://10.10.0.1/CVE-2018-5255-4-20-hotfix.swix extension:
    switch#verify /sha256 extension:CVE-2018-5255-4-20-hotfix.swix
    switch#show extensions
    Name                               Version/Release      Status      Extension
    ---------------------------------- -------------------- ----------- ---------
    CVE-2018-5255-4-20-hotfix.swix     1.0.2/7318675.\      A, I        1
                                       vmahadberlinA1\
                                       patch234146.4
    switch#copy installed-extensions boot-extensions
    switch#show boot-extensions
    CVE-2018-5255-4-20-hotfix.swix
On a dual-supervisor system, run the copy on both supervisors:
    switch(s1)#copy installed-extensions boot-extensions
    switch(s2-standby)#copy installed-extensions to boot-extensions
For More Information:
If you require further assistance, or if you have any further questions regarding this security notice, please contact the Arista Networks Technical Assistance Center (TAC) by one of the following methods:
Open a Service Request:
By email: firstname.lastname@example.org
By telephone: 408-547-5502