// For flags

CVE-2021-3570

linuxptp: missing length check of forwarded messages

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.

Se ha encontrado un fallo en el programa ptp4l del paquete linuxptp. Una falta de comprobación de longitud al reenviar un mensaje PTP entre puertos permite a un atacante remoto causar un filtrado de información, un bloqueo o, potencialmente, una ejecución de código remota. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos, así como la disponibilidad del sistema. Este fallo afecta a linuxptp versiones anteriores a 3.1.1, anteriores a 2.0.1, anteriores a 1.9.3, anteriores a 1.8.1, anteriores a 1.7.1, anteriores a 1.6.1 y anteriores a 1.5.1

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-05-31 CVE Reserved
  • 2021-07-06 CVE Published
  • 2024-02-27 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linuxptp Project
Search vendor "Linuxptp Project"
Linuxptp
Search vendor "Linuxptp Project" for product "Linuxptp"
< 1.5.1
Search vendor "Linuxptp Project" for product "Linuxptp" and version " < 1.5.1"
-
Affected
Linuxptp Project
Search vendor "Linuxptp Project"
Linuxptp
Search vendor "Linuxptp Project" for product "Linuxptp"
>= 1.6.0 < 1.6.1
Search vendor "Linuxptp Project" for product "Linuxptp" and version " >= 1.6.0 < 1.6.1"
-
Affected
Linuxptp Project
Search vendor "Linuxptp Project"
Linuxptp
Search vendor "Linuxptp Project" for product "Linuxptp"
>= 1.7.0 < 1.7.1
Search vendor "Linuxptp Project" for product "Linuxptp" and version " >= 1.7.0 < 1.7.1"
-
Affected
Linuxptp Project
Search vendor "Linuxptp Project"
Linuxptp
Search vendor "Linuxptp Project" for product "Linuxptp"
>= 1.8.0 < 1.8.1
Search vendor "Linuxptp Project" for product "Linuxptp" and version " >= 1.8.0 < 1.8.1"
-
Affected
Linuxptp Project
Search vendor "Linuxptp Project"
Linuxptp
Search vendor "Linuxptp Project" for product "Linuxptp"
>= 1.9.0 < 1.9.3
Search vendor "Linuxptp Project" for product "Linuxptp" and version " >= 1.9.0 < 1.9.3"
-
Affected
Linuxptp Project
Search vendor "Linuxptp Project"
Linuxptp
Search vendor "Linuxptp Project" for product "Linuxptp"
>= 2.0.0 < 2.0.1
Search vendor "Linuxptp Project" for product "Linuxptp" and version " >= 2.0.0 < 2.0.1"
-
Affected
Linuxptp Project
Search vendor "Linuxptp Project"
Linuxptp
Search vendor "Linuxptp Project" for product "Linuxptp"
>= 3.0.0 < 3.1.1
Search vendor "Linuxptp Project" for product "Linuxptp" and version " >= 3.0.0 < 3.1.1"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
6.0
Search vendor "Redhat" for product "Enterprise Linux" and version "6.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
7.0
Search vendor "Redhat" for product "Enterprise Linux" and version "7.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
8.0
Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Aus
Search vendor "Redhat" for product "Enterprise Linux Aus"
8.2
Search vendor "Redhat" for product "Enterprise Linux Aus" and version "8.2"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Aus
Search vendor "Redhat" for product "Enterprise Linux Aus"
8.4
Search vendor "Redhat" for product "Enterprise Linux Aus" and version "8.4"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Eus
Search vendor "Redhat" for product "Enterprise Linux Eus"
8.1
Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.1"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Eus
Search vendor "Redhat" for product "Enterprise Linux Eus"
8.2
Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.2"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Tus
Search vendor "Redhat" for product "Enterprise Linux Tus"
8.2
Search vendor "Redhat" for product "Enterprise Linux Tus" and version "8.2"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Tus
Search vendor "Redhat" for product "Enterprise Linux Tus"
8.4
Search vendor "Redhat" for product "Enterprise Linux Tus" and version "8.4"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
33
Search vendor "Fedoraproject" for product "Fedora" and version "33"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
34
Search vendor "Fedoraproject" for product "Fedora" and version "34"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
10.0
Search vendor "Debian" for product "Debian Linux" and version "10.0"
-
Affected