openSUSE-SU-2021:1102-1

Опубликовано: 09 авг. 2021

Источник: suse-cvrf

Описание

Security update for linuxptp

This update for linuxptp fixes the following issues:

CVE-2021-3570: Validate the messageLength field of incoming messages. (bsc#1187646)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.2

linuxptp-1.8+git65.g303b08c-lp152.4.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SID77H42G7M3XGNJH7J3TZVHCIZENMVJ/
E-Mail link for openSUSE-SU-2021:1102-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1187646
SUSE Bug 1187646
https://www.suse.com/security/cve/CVE-2021-3570/
SUSE CVE CVE-2021-3570 page

Описание

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.

Затронутые продукты

openSUSE Leap 15.2:linuxptp-1.8+git65.g303b08c-lp152.4.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3570.html
CVE-2021-3570
https://bugzilla.suse.com/1187646
SUSE Bug 1187646

openSUSE-SU-2021:1102-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2021-3570

Описание

Затронутые продукты

Ссылки