In some configurations, flooded traffic from the primary VLAN ID of a bridge can be transmitted out of ports that are not assigned as a member of that VLAN. This can result in the associated broadcast, multicast and unknown destination traffic for the primary VLAN to be transmitted out from ports that should not receive the traffic.
- Cumulus Linux 2.5.4
To work around this issue, execute the following commands for the bridge:
cumulus@switch:~$ sudo ifdown [bridge] cumulus@switch:~$ sudo ifup [bridge]
The Cumulus Linux http://repo.cumulusnetworks.com repository was updated with the latest security resolution to this issue.
This issue has a CVSS score of 3.4 (Low). We recommend that you upgrade Cumulus Linux and Cumulus RMP.
We would like to thank Collin Crowell for reporting this issue.
If you have any questions, please contact us.