Описание
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
Отчет
Red Hat deems this to be a configuration issue. There is no vulnerability in the Linux kernel itself, there is a lot of ways to misuse the filtering facilities provided by the kernel and do insecure filtering rules, but you also have everything to actually set up secure rules.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP in ...
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.
Уязвимость реализации протокола инкапсуляции Ethernet, связанная с возможностью объединения заголовков, позволяющая нарушителю вызвать отказ в обслуживании или реализовать атаку «человек посередине» (MITM)
EPSS
5.3 Medium
CVSS3