SUSE-SU-2021:3202-1

Опубликовано: 23 сент. 2021

Источник: suse-cvrf

Описание

Security update for linuxptp

This update for linuxptp fixes the following issues:

CVE-2021-3570: Fixed messageLength validation field of incoming messages (bsc#1187646).

Список пакетов

SUSE Linux Enterprise Module for Server Applications 15 SP3

linuxptp-3.1.1-3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20213202-1/
Link for SUSE-SU-2021:3202-1
https://lists.suse.com/pipermail/sle-security-updates/2021-September/009496.html
E-Mail link for SUSE-SU-2021:3202-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1187646
SUSE Bug 1187646
https://www.suse.com/security/cve/CVE-2021-3570/
SUSE CVE CVE-2021-3570 page

Описание

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.

Затронутые продукты

SUSE Linux Enterprise Module for Server Applications 15 SP3:linuxptp-3.1.1-3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3570.html
CVE-2021-3570
https://bugzilla.suse.com/1187646
SUSE Bug 1187646

SUSE-SU-2021:3202-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Server Applications 15 SP3

Ссылки

Уязвимость: CVE-2021-3570

Описание

Затронутые продукты

Ссылки