{"id":"CVE-2021-47160","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mt7530: fix VLAN traffic leaks\n\nPCR_MATRIX field was set to all 1's when VLAN filtering is enabled, but\nwas not reset when it is disabled, which may cause traffic leaks:\n\n\tip link add br0 type bridge vlan_filtering 1\n\tip link add br1 type bridge vlan_filtering 1\n\tip link set swp0 master br0\n\tip link set swp1 master br1\n\tip link set br0 type bridge vlan_filtering 0\n\tip link set br1 type bridge vlan_filtering 0\n\t# traffic in br0 and br1 will start leaking to each other\n\nAs port_bridge_{add,del} have set up PCR_MATRIX properly, remove the\nPCR_MATRIX write from mt7530_port_set_vlan_aware.","modified":"2026-03-15T14:09:19.345920Z","published":"2024-03-25T10:15:08.377Z","related":["SUSE-SU-2024:1465-1","SUSE-SU-2024:1489-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/474a2ddaa192777522a7499784f1d60691cd831a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/4fe4e1f48ba119bdbc7c897c83b04ba0d08f5488"},{"type":"FIX","url":"https://git.kernel.org/stable/c/82ae35b6c14feae5f216913d5b433e143c756d4e"},{"type":"FIX","url":"https://git.kernel.org/stable/c/ae389812733b1b1e8e07fcc238e41db166b5c78d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/b91117b66fe875723a4e79ec6263526fffdb44d2"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47160.json","unresolved_ranges":[{"events":[{"introduced":"4.16"},{"fixed":"4.19.193"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.124"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.42"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.12.9"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.13-rc3"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}