CVE-2021-3570 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-3570 Interim 1 26 2025-02-17T01:00:31Z current 2021-07-22T00:44:22Z 2025-02-17T01:00:31Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-3570 A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2021-July/009196.html E-Mail link for SUSE-SU-2021:2443-1 https://lists.suse.com/pipermail/sle-security-updates/2021-July/009215.html E-Mail link for SUSE-SU-2021:2472-1 https://lists.suse.com/pipermail/sle-security-updates/2021-July/009224.html E-Mail link for SUSE-SU-2021:2545-1 https://lists.suse.com/pipermail/sle-security-updates/2021-September/009496.html E-Mail link for SUSE-SU-2021:3202-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SID77H42G7M3XGNJH7J3TZVHCIZENMVJ/ E-Mail link for openSUSE-SU-2021:1102-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WQJH6H27YAC2H2WM75ZCWCXIEK3AXNV3/ E-Mail link for openSUSE-SU-2021:3202-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Liberty Linux 7 SUSE Liberty Linux 7 LTSS SUSE Liberty Linux 8 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SP1-BCL SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Manager Proxy 4.0 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Manager Retail Branch Server 4.0 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Manager Server 4.0 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 openSUSE Leap 15.2 openSUSE Leap 15.3 linuxptp-1.4-15.3.1 linuxptp-1.8+git65.g303b08c-3.3.1 linuxptp-1.8+git65.g303b08c-lp152.4.3.1 linuxptp-2.0-2.el7_9.1 linuxptp-2.0-5.el8_4.1 linuxptp-3.1.1-3.3.1 linuxptp-1.4-15.3.1 as a component of HPE Helion OpenStack 8 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE CaaS Platform 4.0 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Enterprise Storage 6 linuxptp-2.0-2.el7_9.1 as a component of SUSE Liberty Linux 7 linuxptp-2.0-2.el7_9.1 as a component of SUSE Liberty Linux 7 LTSS linuxptp-2.0-5.el8_4.1 as a component of SUSE Liberty Linux 8 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15-ESPOS linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 linuxptp-3.1.1-3.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP3 linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server 12 SP3-ESPOS linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server 12 SP3-TERADATA linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server 12 SP4-ESPOS linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server 12 SP4-LTSS linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Server 12 SP5 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Server 15 SP1-BCL linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Server 15-LTSS linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 linuxptp-1.4-15.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Manager Proxy 4.0 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Manager Retail Branch Server 4.0 linuxptp-1.8+git65.g303b08c-3.3.1 as a component of SUSE Manager Server 4.0 linuxptp-1.4-15.3.1 as a component of SUSE OpenStack Cloud 8 linuxptp-1.4-15.3.1 as a component of SUSE OpenStack Cloud 9 linuxptp-1.4-15.3.1 as a component of SUSE OpenStack Cloud Crowbar 8 linuxptp-1.4-15.3.1 as a component of SUSE OpenStack Cloud Crowbar 9 linuxptp-1.8+git65.g303b08c-lp152.4.3.1 as a component of openSUSE Leap 15.2 linuxptp-3.1.1-3.3.1 as a component of openSUSE Leap 15.3 A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This flaw affects linuxptp versions before 3.1.1, before 2.0.1, before 1.9.3, before 1.8.1, before 1.7.1, before 1.6.1 and before 1.5.1. CVE-2021-3570 HPE Helion OpenStack 8:linuxptp-1.4-15.3.1 SUSE CaaS Platform 4.0:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Enterprise Storage 6:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Liberty Linux 7:linuxptp-2.0-2.el7_9.1 SUSE Liberty Linux 7 LTSS:linuxptp-2.0-2.el7_9.1 SUSE Liberty Linux 8:linuxptp-2.0-5.el8_4.1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise High Performance Computing 15-LTSS:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Module for Server Applications 15 SP3:linuxptp-3.1.1-3.3.1 SUSE Linux Enterprise Server 12 SP2-BCL:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server 12 SP3-BCL:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server 12 SP3-ESPOS:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server 12 SP3-LTSS:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server 12 SP3-TERADATA:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server 12 SP4-ESPOS:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server 12 SP4-LTSS:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server 12 SP5:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Server 15 SP1-BCL:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Server 15 SP1-LTSS:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Server 15-LTSS:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:linuxptp-1.4-15.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Server for SAP Applications 15:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP1:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Manager Proxy 4.0:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Manager Retail Branch Server 4.0:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE Manager Server 4.0:linuxptp-1.8+git65.g303b08c-3.3.1 SUSE OpenStack Cloud 8:linuxptp-1.4-15.3.1 SUSE OpenStack Cloud 9:linuxptp-1.4-15.3.1 SUSE OpenStack Cloud Crowbar 8:linuxptp-1.4-15.3.1 SUSE OpenStack Cloud Crowbar 9:linuxptp-1.4-15.3.1 openSUSE Leap 15.2:linuxptp-1.8+git65.g303b08c-lp152.4.3.1 openSUSE Leap 15.3:linuxptp-3.1.1-3.3.1 important 8 AV:N/AC:L/Au:S/C:P/I:P/A:C 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H