CVE-2023-24510

On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.

Description

On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.

Solution:

CVE-2023-24510 has been fixed in the following releases: - 4.29.2F and later releases in the 4.29.x train - 4.28.7M and later releases in the 4.28.x train - 4.27.10M and later releases in the 4.27.x train - 4.26.10M and later releases in the 4.26.x train

Workaround:

The hotfix https://www.arista.com/support/advisories-notices/sa-download?sa=87-SecurityAdvisory87_Hotfix.swix can be used to remediate CVE-2023-24510. The hotfix only applies to the releases listed below and no other releases: - 4.29.1F and below releases in the 4.29.x train - 4.28.6.1M and below releases in the 4.28.x train - 4.27.9M and below releases in the 4.27.x train - 4.26.9M and below releases in the 4.26.x train - 4.25.10M and below releases in the 4.25.x train

Link	Tags
https://www.arista.com/en/support/advisories-notices/security-advisory/17445-security-advisory-0087	vendor advisory

What is the severity of CVE-2023-24510?: CVE-2023-24510 has been scored as a high severity vulnerability.
How to fix CVE-2023-24510?: To fix CVE-2023-24510: CVE-2023-24510 has been fixed in the following releases: - 4.29.2F and later releases in the 4.29.x train - 4.28.7M and later releases in the 4.28.x train - 4.27.10M and later releases in the 4.27.x train - 4.26.10M and later releases in the 4.26.x train
Is CVE-2023-24510 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2023-24510 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-24510?: CVE-2023-24510 affects Arista Networks Arista EOS.