CVE-2021-47160 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but was not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge vlan_filtering 1 ip link add br1 type bridge vlan_filtering 1 ip link set swp0 master br0 ip link set swp1 master br1 ip link set br0 type bridge vlan_filtering 0 ip link set br1 type bridge vlan_filtering 0 # traffic in br0 and br1 will start leaking to each other As port_bridge_{add,del} have set up PCR_MATRIX properly, remove the PCR_MATRIX write from mt7530_port_set_vlan_aware.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a
https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488
https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e
https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d
https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2
https://lore.kernel.org/linux-cve-announce/2024032534-CVE-2021-47160-8e53@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47160
https://www.cve.org/CVERecord?id=CVE-2021-47160

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-25T09:16:14.468Z

Updated: 2024-11-04T12:00:34.579Z

Reserved: 2024-03-25T09:12:14.109Z

Link: CVE-2021-47160

Vulnrichment

Updated: 2024-05-23T19:01:19.321Z

NVD

Status : Awaiting Analysis

Published: 2024-03-25T10:15:08.377

Modified: 2024-03-25T13:47:14.087

Link: CVE-2021-47160

Redhat

Severity : Low

Publid Date: 2024-03-25T00:00:00Z

Links: CVE-2021-47160 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47160", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-25T09:12:14.109Z", "datePublished": "2024-03-25T09:16:14.468Z", "dateUpdated": "2024-11-04T12:00:34.579Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:00:34.579Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mt7530: fix VLAN traffic leaks\n\nPCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but\nwas not reset when it is disabled, which may cause traffic leaks:\n\n\tip link add br0 type bridge vlan_filtering 1\n\tip link add br1 type bridge vlan_filtering 1\n\tip link set swp0 master br0\n\tip link set swp1 master br1\n\tip link set br0 type bridge vlan_filtering 0\n\tip link set br1 type bridge vlan_filtering 0\n\t# traffic in br0 and br1 will start leaking to each other\n\nAs port_bridge_{add,del} have set up PCR_MATRIX properly, remove the\nPCR_MATRIX write from mt7530_port_set_vlan_aware."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/dsa/mt7530.c"], "versions": [{"version": "83163f7dca56", "lessThan": "ae389812733b", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "4fe4e1f48ba1", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "b91117b66fe8", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "82ae35b6c14f", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "474a2ddaa192", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/dsa/mt7530.c"], "versions": [{"version": "4.16", "status": "affected"}, {"version": "0", "lessThan": "4.16", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.193", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.124", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.42", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.9", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d"}, {"url": "https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488"}, {"url": "https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2"}, {"url": "https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e"}, {"url": "https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a"}], "title": "net: dsa: mt7530: fix VLAN traffic leaks", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47160", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-25T13:55:35.659497Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:13:48.308Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.982Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47160", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-25T09:12:14.109Z", "datePublished": "2024-03-25T09:16:14.468Z", "dateUpdated": "2024-06-04T17:13:48.308Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:03:05.048Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mt7530: fix VLAN traffic leaks\n\nPCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but\nwas not reset when it is disabled, which may cause traffic leaks:\n\n\tip link add br0 type bridge vlan_filtering 1\n\tip link add br1 type bridge vlan_filtering 1\n\tip link set swp0 master br0\n\tip link set swp1 master br1\n\tip link set br0 type bridge vlan_filtering 0\n\tip link set br1 type bridge vlan_filtering 0\n\t# traffic in br0 and br1 will start leaking to each other\n\nAs port_bridge_{add,del} have set up PCR_MATRIX properly, remove the\nPCR_MATRIX write from mt7530_port_set_vlan_aware."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/dsa/mt7530.c"], "versions": [{"version": "83163f7dca56", "lessThan": "ae389812733b", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "4fe4e1f48ba1", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "b91117b66fe8", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "82ae35b6c14f", "status": "affected", "versionType": "git"}, {"version": "83163f7dca56", "lessThan": "474a2ddaa192", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/dsa/mt7530.c"], "versions": [{"version": "4.16", "status": "affected"}, {"version": "0", "lessThan": "4.16", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.193", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.124", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.42", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.12.9", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d"}, {"url": "https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488"}, {"url": "https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2"}, {"url": "https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e"}, {"url": "https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a"}], "title": "net: dsa: mt7530: fix VLAN traffic leaks", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47160", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-25T13:55:35.659497Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:19.321Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mt7530: fix VLAN traffic leaks\n\nPCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but\nwas not reset when it is disabled, which may cause traffic leaks:\n\n\tip link add br0 type bridge vlan_filtering 1\n\tip link add br1 type bridge vlan_filtering 1\n\tip link set swp0 master br0\n\tip link set swp1 master br1\n\tip link set br0 type bridge vlan_filtering 0\n\tip link set br1 type bridge vlan_filtering 0\n\t# traffic in br0 and br1 will start leaking to each other\n\nAs port_bridge_{add,del} have set up PCR_MATRIX properly, remove the\nPCR_MATRIX write from mt7530_port_set_vlan_aware."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: dsa: mt7530: corregir fugas de tr\u00e1fico de VLAN El campo PCR_MATRIX se configur\u00f3 en todos 1 cuando el filtrado de VLAN est\u00e1 habilitado, pero no se restableci\u00f3 cuando est\u00e1 deshabilitado, lo que puede causar fugas de tr\u00e1fico: enlace ip agregar puente tipo br0 vlan_filtering 1 enlace ip agregar puente tipo br1 vlan_filtering 1 conjunto de enlaces ip swp0 master br0 conjunto de enlaces ip swp1 maestro br1 conjunto de enlaces ip br0 puente tipo vlan_filtering 0 conjunto de enlaces ip br1 tipo puente vlan_filtering 0 # tr\u00e1fico en br0 y br1 comenzar\u00e1n a filtrarse entre s\u00ed. Como port_bridge_{add,del} ha configurado PCR_MATRIX correctamente, elimine la escritura PCR_MATRIX de mt7530_port_set_vlan_aware."}], "id": "CVE-2021-47160", "lastModified": "2024-03-25T13:47:14.087", "metrics": {}, "published": "2024-03-25T10:15:08.377", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: net: dsa: mt7530: fix VLAN traffic leaks", "id": "2271472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271472"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: dsa: mt7530: fix VLAN traffic leaks\nPCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but\nwas not reset when it is disabled, which may cause traffic leaks:\nip link add br0 type bridge vlan_filtering 1\nip link add br1 type bridge vlan_filtering 1\nip link set swp0 master br0\nip link set swp1 master br1\nip link set br0 type bridge vlan_filtering 0\nip link set br1 type bridge vlan_filtering 0\n# traffic in br0 and br1 will start leaking to each other\nAs port_bridge_{add,del} have set up PCR_MATRIX properly, remove the\nPCR_MATRIX write from mt7530_port_set_vlan_aware."], "name": "CVE-2021-47160", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47160\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47160\nhttps://lore.kernel.org/linux-cve-announce/2024032534-CVE-2021-47160-8e53@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.19.193, kernel 5.4.124, kernel 5.10.42, kernel 5.12.9, kernel 5.13"}