Arista Networks EOS tcp_input Challenge ACKs Shared Counter Disclosure (SA0023)
Medium Nessus Plugin ID 107065
SynopsisThe version of Arista Networks EOS running on the remote device is affected by an information disclosure vulnerability.
DescriptionThe version of Arista Networks EOS running on the remote device is affected by a flaw in the Linux kernel implementation within file net/ipv4/tcp_input.c due to a failure to properly determine the rate of challenge ACK segments. An unauthenticated, remote attacker can exploit this issue to access the shared counter, thereby making it easier for the attacker to hijack TCP sessions via a blind in-window attack.
SolutionContact the vendor for a fixed version. Alternatively, apply the hotfix or recommended mitigations referenced in the vendor advisory.