CVE-2021-27861 L2 network filtering bypass using stacked VLAN0 and LLC/SNAP headers with invalid lengths

2022-09-2700:00:00

CWE-130

CWE-290

certcc

www.cve.org

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.2%

JSON

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

CNA Affected

[
  {
    "vendor": "IEEE",
    "product": "802.2",
    "versions": [
      {
        "version": "802.2h-1997",
        "status": "affected",
        "lessThanOrEqual": "802.2h-1997",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "IETF",
    "product": "draft-ietf-v6ops-ra-guard",
    "versions": [
      {
        "version": "08",
        "status": "affected",
        "lessThanOrEqual": "08",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "IETF",
    "product": "P802.1Q",
    "versions": [
      {
        "version": "D1.0",
        "status": "affected",
        "lessThanOrEqual": "D1.0",
        "versionType": "custom"
      }
    ]
  }
]