CVE-2021-27861

MEDIUM

Layer 2 - Info Disclosure

Title source: llm

Description

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

References (6)

[Various Sources] https://blog.champtar.fr/VLAN0_LLC_SNAP/

[Third Party Advisory] https://datatracker.ietf.org/doc/draft-ietf-v6ops-ra-guard/08/

[Third Party Advisory] https://standards.ieee.org/ieee/802.1Q/10323/

[Third Party Advisory] https://standards.ieee.org/ieee/802.2/1048/

[Third Party Advisory, US Government Resource] https://kb.cert.org/vuls/id/855201

[Third Party Advisory, US Government Resource] https://www.kb.cert.org/vuls/id/855201

Scores

CVSS v3 4.7

EPSS 0.0011

EPSS Percentile 29.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-290 CWE-130

Status published

Products (2)

ieee/ieee_802.2 < 802.2h-1997

ietf/p802.1q < d1.0

Published Sep 27, 2022

Tracked Since Feb 18, 2026