CVE-2024-9135 - Vulnerability Details - OpenCVE

On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://www.arista.com/en/support/advisories-notices/security-advisory/21092-security-advisory-0110

History

Tue, 04 Mar 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Tue, 04 Mar 2025 20:30:00 +0000

Type	Values Removed	Values Added
Description		On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.
Title		On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.
Weaknesses		CWE-401
References		https://www.arista.com/en/support/advisories-notices/security-advisory/21092-security-advisory-0110
Metrics		cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}`

MITRE

Status: PUBLISHED

Assigner: Arista

Published: 2025-03-04T20:12:02.025Z

Updated: 2025-03-04T20:34:15.951Z

Reserved: 2024-09-23T23:03:07.318Z

Link: CVE-2024-9135

Vulnrichment

Updated: 2025-03-04T20:33:58.136Z

NVD

Status : Received

Published: 2025-03-04T21:15:12.360

Modified: 2025-03-04T21:15:12.360

Link: CVE-2024-9135

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9135", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "state": "PUBLISHED", "assignerShortName": "Arista", "dateReserved": "2024-09-23T23:03:07.318Z", "datePublished": "2025-03-04T20:12:02.025Z", "dateUpdated": "2025-03-04T20:34:15.951Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "EOS", "vendor": "Arista Networks", "versions": [{"status": "affected", "version": "4.33.0"}, {"lessThanOrEqual": "4.31.5", "status": "affected", "version": "4.31.0", "versionType": "custom"}, {"lessThanOrEqual": "4.30.8.1", "status": "affected", "version": "4.30.0", "versionType": "custom"}, {"lessThanOrEqual": "4.29.9.1", "status": "affected", "version": "4.29.0", "versionType": "custom"}, {"status": "affected", "version": "4.28.0"}, {"lessThanOrEqual": "4.27.1", "status": "affected", "version": "4.27.0", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>In order to be vulnerable to CVE-2024-9135, the following condition must be met:</p><p>BGP Link State must be configured:</p><pre>switch# router bgp 65544\nswitch#   address-family link-state\nswitch#       neighbor 192.0.2.9 activate\nswitch#\nswitch#sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n  Description             Neighbor V AS           MsgRcvd   MsgSent InQ OutQ Up/Down State   NlriRcd NlriAcc\n \n  brw363                   192.0.2.9 4 65550       194222   125149   0   0 01:08:41 Estab   211948 211948\n</pre><div> </div><p>If BGP Link State is not configured there is no exposure to this issue. No BGP link-state peering is shown under show bgp link-state summary as below:</p><pre>switch>sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State NlriRcd NlriAcc</pre><br>"}], "value": "In order to be vulnerable to CVE-2024-9135, the following condition must be met:\n\nBGP Link State must be configured:\n\nswitch# router bgp 65544\nswitch# \u00a0 address-family link-state\nswitch# \u00a0 \u00a0 \u00a0 neighbor 192.0.2.9 activate\nswitch#\nswitch#sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n\u00a0 Description \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Neighbor V AS \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 MsgRcvd \u00a0 MsgSent InQ OutQ Up/Down State \u00a0 NlriRcd NlriAcc\n \n\u00a0 brw363 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 192.0.2.9 4 65550 \u00a0 \u00a0 \u00a0 194222 \u00a0 125149 \u00a0 0 \u00a0 0 01:08:41 Estab \u00a0 211948 211948\n\n\n\u00a0\n\nIf BGP Link State is not configured there is no exposure to this issue. No BGP link-state peering is shown under show bgp link-state summary as below:\n\nswitch>sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State NlriRcd NlriAcc"}], "credits": [{"lang": "en", "type": "finder", "value": "Craig Dods from Meta\u2019s Infrastructure Security team."}], "datePublic": "2025-01-21T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.</span><br>"}], "value": "On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping."}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-401", "description": "CWE-401 Missing Release of Memory after Effective Lifetime", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2025-03-04T20:12:02.025Z"}, "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21092-security-advisory-0110"}], "source": {"advisory": "110", "defect": ["1006114"], "discovery": "UNKNOWN"}, "title": "On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The workaround is to disable the Dynamic Path Selection (DPS) service inside BGP LinkState by disabling the feature toggle. Note this should be done on affected non AWE platforms only.</p><pre>1. Enter \"bash\" shell under EOS prompt\n2. sudo sh -c 'echo \"BgpLsConsumerDps=0\" > /mnt/flash/toggle_override; echo \"BgpLsProducerDps=0\" >> /mnt/flash/toggle_override'\n3. Reload the switch or router</pre>"}], "value": "The workaround is to disable the Dynamic Path Selection (DPS) service inside BGP LinkState by disabling the feature toggle. Note this should be done on affected non AWE platforms only.\n\n1. Enter \"bash\" shell under EOS prompt\n2. sudo sh -c 'echo \"BgpLsConsumerDps=0\" > /mnt/flash/toggle_override; echo \"BgpLsProducerDps=0\" >> /mnt/flash/toggle_override'\n3. Reload the switch or router"}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-04T20:33:54.371098Z", "id": "CVE-2024-9135", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-04T20:34:15.951Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9135", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-04T20:33:54.371098Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-04T20:33:58.136Z"}}], "cna": {"title": "On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.", "source": {"defect": ["1006114"], "advisory": "110", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Craig Dods from Meta\u2019s Infrastructure Security team."}], "impacts": [{"capecId": "CAPEC-130", "descriptions": [{"lang": "en", "value": "CAPEC-130 Excessive Allocation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Arista Networks", "product": "EOS", "versions": [{"status": "affected", "version": "4.33.0"}, {"status": "affected", "version": "4.31.0", "versionType": "custom", "lessThanOrEqual": "4.31.5"}, {"status": "affected", "version": "4.30.0", "versionType": "custom", "lessThanOrEqual": "4.30.8.1"}, {"status": "affected", "version": "4.29.0", "versionType": "custom", "lessThanOrEqual": "4.29.9.1"}, {"status": "affected", "version": "4.28.0"}, {"status": "affected", "version": "4.27.0", "versionType": "custom", "lessThanOrEqual": "4.27.1"}], "defaultStatus": "unaffected"}], "datePublic": "2025-01-21T16:00:00.000Z", "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21092-security-advisory-0110"}], "workarounds": [{"lang": "en", "value": "The workaround is to disable the Dynamic Path Selection (DPS) service inside BGP LinkState by disabling the feature toggle. Note this should be done on affected non AWE platforms only.\n\n1. Enter \"bash\" shell under EOS prompt\n2. sudo sh -c 'echo \"BgpLsConsumerDps=0\" > /mnt/flash/toggle_override; echo \"BgpLsProducerDps=0\" >> /mnt/flash/toggle_override'\n3. Reload the switch or router", "supportingMedia": [{"type": "text/html", "value": "<p>The workaround is to disable the Dynamic Path Selection (DPS) service inside BGP LinkState by disabling the feature toggle. Note this should be done on affected non AWE platforms only.</p><pre>1. Enter \"bash\" shell under EOS prompt\n2. sudo sh -c 'echo \"BgpLsConsumerDps=0\" > /mnt/flash/toggle_override; echo \"BgpLsProducerDps=0\" >> /mnt/flash/toggle_override'\n3. Reload the switch or router</pre>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-401", "description": "CWE-401 Missing Release of Memory after Effective Lifetime"}]}], "configurations": [{"lang": "en", "value": "In order to be vulnerable to CVE-2024-9135, the following condition must be met:\n\nBGP Link State must be configured:\n\nswitch# router bgp 65544\nswitch# \u00a0 address-family link-state\nswitch# \u00a0 \u00a0 \u00a0 neighbor 192.0.2.9 activate\nswitch#\nswitch#sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n\u00a0 Description \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Neighbor V AS \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 MsgRcvd \u00a0 MsgSent InQ OutQ Up/Down State \u00a0 NlriRcd NlriAcc\n \n\u00a0 brw363 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 192.0.2.9 4 65550 \u00a0 \u00a0 \u00a0 194222 \u00a0 125149 \u00a0 0 \u00a0 0 01:08:41 Estab \u00a0 211948 211948\n\n\n\u00a0\n\nIf BGP Link State is not configured there is no exposure to this issue. No BGP link-state peering is shown under show bgp link-state summary as below:\n\nswitch>sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State NlriRcd NlriAcc", "supportingMedia": [{"type": "text/html", "value": "<p>In order to be vulnerable to CVE-2024-9135, the following condition must be met:</p><p>BGP Link State must be configured:</p><pre>switch# router bgp 65544\nswitch#   address-family link-state\nswitch#       neighbor 192.0.2.9 activate\nswitch#\nswitch#sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n  Description             Neighbor V AS           MsgRcvd   MsgSent InQ OutQ Up/Down State   NlriRcd NlriAcc\n \n  brw363                   192.0.2.9 4 65550       194222   125149   0   0 01:08:41 Estab   211948 211948\n</pre><div> </div><p>If BGP Link State is not configured there is no exposure to this issue. No BGP link-state peering is shown under show bgp link-state summary as below:</p><pre>switch>sh bgp link-state summary\nBGP summary information for VRF default\nRouter identifier 192.0.2.2, local AS number 65540\nNeighbor Status Codes: m - Under maintenance\n Description Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State NlriRcd NlriAcc</pre><br>", "base64": false}]}], "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2025-03-04T20:12:02.025Z"}}}, "cveMetadata": {"cveId": "CVE-2024-9135", "state": "PUBLISHED", "dateUpdated": "2025-03-04T20:34:15.951Z", "dateReserved": "2024-09-23T23:03:07.318Z", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "datePublished": "2025-03-04T20:12:02.025Z", "assignerShortName": "Arista"}, "dataVersion": "5.1"}