PT-2024-11208 · Linux+2 · Linux Kernel+2
Published 2021-05-23 · Updated 2024-08-19 · CVE-2021-47160
CVSS v3.1: 7.1 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is a VLAN traffic leak in the Linux kernel. When VLAN filtering is enabled, the PCR_MATRIX field is set to all 1's, but it is not reset when VLAN filtering is disabled, which may cause traffic leaks. This can be demonstrated by setting up two bridges, br0 and br1, with VLAN filtering enabled, and then disabling VLAN filtering. As a result, traffic in br0 and br1 will start leaking to each other. The port_bridge_{add,del} functions already set up PCR_MATRIX properly, so the PCR_MATRIX write in mt7530_port_set_vlan_aware can be removed.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
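The behaviour in the description, as a small C model added here for illustration (it is not kernel or driver code): `matrix[]` stands in for the per-port PCR_MATRIX field, and `model_bridge_add`, `model_set_vlan_aware` and `leaked_paths` are hypothetical names. It counts the cross-bridge forwarding paths left open after filtering is enabled and then disabled, with and without the matrix write.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NUM_PORTS   4
#define ALL_MEMBERS ((uint8_t)((1u << NUM_PORTS) - 1))
/* Model only: matrix[p] stands in for port p's PCR_MATRIX; bit n = may forward to port n. */
static uint8_t matrix[NUM_PORTS];

/* Stand-in for port_bridge_add: restrict a port to its bridge's other members. */
static void model_bridge_add(int port, uint8_t bridge_mask)
{
    matrix[port] = (uint8_t)(bridge_mask & ~(1u << port));
}

/* Stand-in for the VLAN-aware toggle. fixed == false keeps the write the
 * description says can be removed; nothing restores the matrix on disable. */
static void model_set_vlan_aware(int port, bool enable, bool fixed)
{
    if (enable && !fixed)
        matrix[port] = ALL_MEMBERS;
}

/* Build br0 = {0,1} and br1 = {2,3}, turn filtering on and off again, then
 * count the (src, dst) pairs in different bridges that the matrix allows. */
static int leaked_paths(bool fixed)
{
    const uint8_t br0 = 0x3, br1 = 0xC;
    int leaks = 0;
    for (int p = 0; p < NUM_PORTS; p++)
        model_bridge_add(p, p < 2 ? br0 : br1);
    for (int p = 0; p < NUM_PORTS; p++)
        model_set_vlan_aware(p, true, fixed);
    for (int p = 0; p < NUM_PORTS; p++)
        model_set_vlan_aware(p, false, fixed);
    for (int src = 0; src < NUM_PORTS; src++) {
        uint8_t other = src < 2 ? br1 : br0;
        for (int dst = 0; dst < NUM_PORTS; dst++)
            if (((other >> dst) & 1) && ((matrix[src] >> dst) & 1))
                leaks++;
    }
    return leaks;
}

int main(void)
{
    printf("with matrix write: %d leaked paths\n", leaked_paths(false));
    printf("write removed:     %d leaked paths\n", leaked_paths(true));
}
```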
Affected Products
Astra Linux
Linux Kernel
Suse