OESA-2021-1267
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1267
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2021-1267.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2021-1267
- Upstream
- Published
- 2021-07-17T11:03:03Z
- Modified
- 2025-09-03T06:17:30.385142Z
- Summary
- linuxptp security update
- Details
-
Linuxptp is an implementation of the Precision Time Protocol (PTP) according to IEEE standard 1588 for Linux. The dual design goals are to provide a robust implementation of the standard and to use the most relevant and modern Application Programming Interfaces (API) offered by the Linux kernel. Supporting legacy APIs and other platforms is not a goal.
Security Fix(es):
A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1.(CVE-2021-3571)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP1 / linuxptp
Package
- Name
- linuxptp
- Purl
- pkg:rpm/openEuler/linuxptp&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.0-4.oe1
Ecosystem specific
{
"aarch64": [
"linuxptp-2.0-4.oe1.aarch64.rpm",
"linuxptp-debuginfo-2.0-4.oe1.aarch64.rpm",
"linuxptp-debugsource-2.0-4.oe1.aarch64.rpm"
],
"noarch": [
"linuxptp-help-2.0-4.oe1.noarch.rpm"
],
"src": [
"linuxptp-2.0-4.oe1.src.rpm"
],
"x86_64": [
"linuxptp-debuginfo-2.0-4.oe1.x86_64.rpm",
"linuxptp-debugsource-2.0-4.oe1.x86_64.rpm",
"linuxptp-2.0-4.oe1.x86_64.rpm"
]
}