linuxptp-2.0-5.el8.1
エラータID: AXSA:2021-2195:03
リリース日:
2021/07/12 Monday - 07:06
題名:
linuxptp-2.0-5.el8.1
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- linuxptp の ptp4l には、PTP メッセージをポート間でフォワーディングする際に
長さチェックが実施されない問題があり、リモートの攻撃者が情報漏洩やクラッシュ、
リモートのコードを実行できてしまう脆弱性があります。(CVE-2021-3570)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2021-3570
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1.
追加情報:
N/A
ダウンロード:
SRPMS
- linuxptp-2.0-5.el8.1.src.rpm
MD5: effb042812a49eec0052f80afbef60d5
SHA-256: 4f6abee1f46c79781ca0544b76c4ffdbeeedf01d8869b39c0d06db918392993a
Size: 261.91 kB
Asianux Server 8 for x86_64
- linuxptp-2.0-5.el8.1.x86_64.rpm
MD5: f8c751b03e5c23e2aaf9d2b20ded476b
SHA-256: 841ca9f5f5db00dfa3273f3ef03cd3430d61ccf81e47fc023217dfef6b60e8cc
Size: 193.70 kB