CVE-2021-27854
First published: Tue Sep 27 2022(Updated: )
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ieee Ieee 802.2 | <=802.2h-1997 | |
| Ietf P802.1q | <=d1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-27854?
CVE-2021-27854 is a vulnerability that allows bypassing layer 2 network filtering capabilities such as IPv6 RA guard using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse.
What is the severity of CVE-2021-27854?
The severity of CVE-2021-27854 is medium with a severity value of 4.7.
How can CVE-2021-27854 be exploited?
CVE-2021-27854 can be exploited by using combinations of VLAN 0 headers, LLC/SNAP headers, and converting frames from Ethernet to Wifi and its reverse to bypass layer 2 network filtering capabilities such as IPv6 RA guard.
What software is affected by CVE-2021-27854?
CVE-2021-27854 affects IEEE 802.2 with version up to and including 802.2h-1997, and IETF P802.1q with version up to and including d1.0.
How can I fix CVE-2021-27854?
To fix CVE-2021-27854, it is recommended to apply the necessary patches or updates provided by the respective vendors or software developers.
- collector/nvd-index
- vendor/ieee
- canonical/ieee ieee 802.2
- version/ieee ieee 802.2/802.2h-1997
- vendor/ietf
- canonical/ietf p802.1q
- version/ietf p802.1q/d1.0