CVE-2021-47160
net: dsa: mt7530: fix VLAN traffic leaks
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: mt7530: fix VLAN traffic leaks
PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but
was not reset when it is disabled, which may cause traffic leaks:
ip link add br0 type bridge vlan_filtering 1
ip link add br1 type bridge vlan_filtering 1
ip link set swp0 master br0
ip link set swp1 master br1
ip link set br0 type bridge vlan_filtering 0
ip link set br1 type bridge vlan_filtering 0
# traffic in br0 and br1 will start leaking to each other
As port_bridge_{add,del} have set up PCR_MATRIX properly, remove the
PCR_MATRIX write from mt7530_port_set_vlan_aware.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: dsa: mt7530: corregir fugas de tráfico de VLAN El campo PCR_MATRIX se configuró en todos 1 cuando el filtrado de VLAN está habilitado, pero no se restableció cuando está deshabilitado, lo que puede causar fugas de tráfico: enlace ip agregar puente tipo br0 vlan_filtering 1 enlace ip agregar puente tipo br1 vlan_filtering 1 conjunto de enlaces ip swp0 master br0 conjunto de enlaces ip swp1 maestro br1 conjunto de enlaces ip br0 puente tipo vlan_filtering 0 conjunto de enlaces ip br1 tipo puente vlan_filtering 0 # tráfico en br0 y br1 comenzarán a filtrarse entre sí. Como port_bridge_{add,del} ha configurado PCR_MATRIX correctamente, elimine la escritura PCR_MATRIX de mt7530_port_set_vlan_aware.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-25 CVE Reserved
- 2024-03-25 CVE Published
- 2024-03-26 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/83163f7dca5684816d01c8ccf4857aa74801e7b7 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.16 < 4.19.193 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 4.19.193" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.16 < 5.4.124 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 5.4.124" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.16 < 5.10.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 5.10.42" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.16 < 5.12.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 5.12.9" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.16 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.16 < 5.13" | en |
Affected
|