This advisory addresses TCP networking vulnerabilities in Linux kernels related to Maximum Segment Size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The vulnerabilities can be exploited by sending TCP packets to an IP address on the switch, affecting Management ports, Routed ports, SVI interfaces, and other interfaces with IP accessibility on Arista devices.
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center