Arista EOS SNMP Memory Leak Vulnerability in snmpd Process

Vulnerability

A memory leak vulnerability has been identified in the snmpd process of Arista EOS platforms with SNMP enabled. When the 'snmp-server transmit max-size' option is configured, a specially crafted packet can cause the snmpd process to consume excessive memory. This may lead to the snmpd process being terminated, causing SNMP request timeouts until snmpd is manually restarted. The increased memory usage can also affect other processes on the switch, potentially leading to their unexpected termination.

Impact

Exploitation of this vulnerability can cause the snmpd process to be terminated due to memory exhaustion, disrupting SNMP services and causing timeouts until snmpd is restarted. This process termination may trigger a system message indicating that the snmpd service has stopped and is being restarted. Additionally, the memory pressure caused by the leaked resources can put other processes at risk of being unexpectedly terminated.

Remediation

To address this vulnerability, users should upgrade to Arista EOS versions 4.32.3M, 4.31.5M, or 4.30.8M. If an immediate upgrade is not possible, SNMP administrators can disable the 'snmp-server transmit max-size' configuration as a temporary workaround.
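The two facts that decide exposure are both visible on the switch: whether the running-config carries the 'snmp-server transmit max-size' line, and whether the EOS build is at or above the fixed release for its train. The script below is an added example, not Arista's code or part of this advisory; it assumes the `show version` output contains a `Software image version: 4.31.2M` line and that the option appears in running-config exactly as quoted above, and the sample inputs are constructed. Trains the advisory does not name (4.29, 4.33, ...) are reported as unknown rather than assumed safe.

```python
"""Assess an Arista EOS switch for the snmpd memory-leak exposure described
in the advisory. Exposure requires both:
  1. 'snmp-server transmit max-size' present in running-config (the trigger), and
  2. an EOS build older than the fixed release for its train
     (4.30.8M, 4.31.5M, 4.32.3M per the advisory).
"""
import re

# Fixed releases named in the advisory, keyed by (major, minor) train.
FIXED_RELEASES = {
    (4, 30): (4, 30, 8),
    (4, 31): (4, 31, 5),
    (4, 32): (4, 32, 3),
}

# Assumed 'show version' layout: "Software image version: 4.31.2M"
VERSION_RE = re.compile(r"^\s*Software image version:\s*(\d+)\.(\d+)\.(\d+)", re.M)
# Anchored at line start so a "no snmp-server transmit max-size" line (if one
# ever appeared) is not counted as the option being configured.
MAXSIZE_RE = re.compile(r"^\s*snmp-server transmit max-size\b", re.M)

# Constructed sample data for a stand-alone run (hypothetical device).
SAMPLE_SHOW_VERSION = """Arista DCS-7050SX3-48YC8
Hardware version: 11.00
Software image version: 4.31.2M
Architecture: x86_64
"""

SAMPLE_RUNNING_CONFIG = """!
hostname leaf1
!
snmp-server community monitoring ro
snmp-server transmit max-size 1400
!
"""


def parse_eos_version(show_version: str) -> tuple:
    """Return (major, minor, patch) as ints from 'show version' text."""
    m = VERSION_RE.search(show_version)
    if not m:
        raise ValueError("no 'Software image version' line found")
    return tuple(int(x) for x in m.groups())


def has_transmit_max_size(running_config: str) -> bool:
    """True when the trigger option is present in the running-config."""
    return MAXSIZE_RE.search(running_config) is not None


def assess(show_version: str, running_config: str) -> dict:
    """Combine version and config into one of four statuses:
    not_exposed   - trigger option absent (the advisory's workaround is in effect)
    fixed         - option present, but build is at/above the fixed release
    exposed       - option present on a build below the fixed release
    unknown_train - option present, advisory names no fixed build for this train
    """
    version = parse_eos_version(show_version)
    configured = has_transmit_max_size(running_config)
    train = version[:2]
    if not configured:
        status = "not_exposed"
    elif train not in FIXED_RELEASES:
        status = "unknown_train"
    elif version >= FIXED_RELEASES[train]:
        status = "fixed"
    else:
        status = "exposed"
    return {
        "version": ".".join(map(str, version)),
        "max_size_configured": configured,
        "status": status,
        # Remediation as stated in the advisory: upgrade, or remove the option.
        "remediation": (
            "upgrade to 4.32.3M / 4.31.5M / 4.30.8M, or remove "
            "'snmp-server transmit max-size' from the configuration"
            if status in ("exposed", "unknown_train") else "none required"
        ),
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE_SHOW_VERSION, SAMPLE_RUNNING_CONFIG).items():
        print(f"{key}: {value}")
```

Feed it the captured text of `show version` and `show running-config` from each switch in an inventory pass; a device whose status comes back `exposed` is the one to prioritise for the upgrade or the workaround, and `unknown_train` results should be confirmed against the vendor's release notes rather than assumed safe.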

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          2.5
  exploitability  5.2
  remediation     0.0
  relevance       0.0
  threat          0.0
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.