CVE-2021-23270
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
En Gargoyle OS versión 1.12.0, cuando un IPv6 es usado, puede ocurrir un bucle de enrutamiento que genera un tráfico de red excesivo entre un dispositivo afectado y el enrutador de su ISP ascendente. Esto ocurre cuando una ruta de prefijo de enlace apunta a un enlace punto a punto, una dirección IPv6 de destino pertenece al prefijo y no es una dirección IPv6 local, y un anuncio de enrutador es recibido con al menos un prefijo IPv6 único global para el cual el flag on-link se establece
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-01-08 CVE Reserved
- 2021-04-12 CVE Published
- 2023-12-27 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-834: Excessive Iteration
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/ericpaulbishop/gargoyle/commit/24afe944a6ffff53d84a748384e276a4e95912ec | 2021-04-27 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gargoyle-router Search vendor "Gargoyle-router" | Gargoyle Search vendor "Gargoyle-router" for product "Gargoyle" | 1.12.0 Search vendor "Gargoyle-router" for product "Gargoyle" and version "1.12.0" | - |
Affected
| ||||||