Arista Networks EOS libresolv Overflow RCE (SA0017)
Medium Nessus Plugin ID 107059
Synopsis
The version of Arista Networks EOS running on the remote device is affected by a remote code execution vulnerability.
Description
The version of Arista Networks EOS running on the remote device is affected by multiple stack-based buffer overflow conditions in the GNU libresolv library, specifically within the send_dg() and send_vc() functions, when handling DNS responses to a lookup that reaches getaddrinfo() with the AF_UNSPEC or AF_INET6 address family.
An unauthenticated, remote attacker can exploit these issues, via a specially crafted DNS response, to cause a denial of service condition or the execution of arbitrary code.
Solution
Upgrade to Arista Networks EOS version 4.13.15M / 4.14.12M / 4.15.5M or later. Alternatively, apply the patch or recommended mitigation referenced in the vendor advisory.