Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options ma
Vulnerability Description
On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options may bypass the feature's set nexthop action and be slow-path forwarded (FIB routed) by the kernel as the packets are trapped to the CPU instead of following the redirect action's destination.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Type
N/A
Vulnerability Title
Arista EOS 安全漏洞
Vulnerability Description
Arista EOS是美国Arista公司的一个完全可编程的、高度模块化的、基于Linux的网络操作系统。 Arista EOS存在安全漏洞,该漏洞源于在运行 Arista EOS 的受影响平台上,如果将部分功能配置为将 IP 流量重定向到下一跳可能会绕过该功能设置的下一跳操作,并由内核进行慢速路径转发(FIB 路由),因为数据包被困在 CPU 中,而不是遵循重定向操作的目的地。
CVSS Information
N/A
Vulnerability Type
N/A