CVE-2021-27861

MEDIUM

Published Sep 27, 20223y ago · Modified Jun 17, 20261w ago

4.7 CVSS 3.1

Medium

Published Sep 27, 2022 3y ago

Last Modified Jun 17, 2026 1w ago

Description

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

CVSS Details

Base Score

4.7

Exploitability

2.8

Impact

1.4

Vector string

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Attack Vector Adjacent

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Changed

Confidentiality None

Integrity Low

Availability None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 2

CWE-130

CWE-290

Affected Products 2

Vendor	Product	Version	Range
ieee	ieee_802.2	*	≤802.2h-1997
ietf	p802.1q	*	≤d1.0

References 6

blog.champtar.fr https://blog.champtar.fr/VLAN0_LLC_SNAP/
datatracker.ietf.org https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

Third Party Advisory
kb.cert.org https://kb.cert.org/vuls/id/855201
standards.ieee.org https://standards.ieee.org/ieee/802.1Q/10323/

Third Party Advisory
standards.ieee.org https://standards.ieee.org/ieee/802.2/1048/

Third Party Advisory
kb.cert.org https://www.kb.cert.org/vuls/id/855201

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.