Home

Description

On affected platforms running Arista EOS with OSPFv3 configured, a specially crafted packet can cause the OSFPv3 process to have high CPU utilization which may result in the OSFPv3 process being restarted. This may cause disruption in the OSFPv3 routes on the switch. This issue was discovered internally by Arista and is not aware of any malicious uses of this issue in customer networks.

PUBLISHED Reserved 2025-08-11 | Published 2025-12-16 | Updated 2025-12-16 | Assigner Arista




HIGH: 7.1CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-400 Uncontrolled Resource Consumption

Product status

Default status
unaffected

4.34.0 (custom)
affected

4.33.0 (custom)
affected

4.32.0 (custom)
affected

4.31.0 (custom)
affected

Any version
affected

References

www.arista.com/...rity-advisory/23115-security-advisory-0128

cve.org (CVE-2025-8872)

nvd.nist.gov (CVE-2025-8872)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.