How severe is CVE-2021-3571?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2021-3571?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2021-3571 - HIGH Severity | CVSS 7.1

Vulnerability Description

A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this vulnerability is to data confidentiality and system availability. This flaw affects linuxptp versions before 3.1.1 and before 2.0.1.

Related Vulnerabilities

CVE-2015-5261

HIGH

CVSS:7.1(High)

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation.

CWE-1192015

CVE-2016-4743

HIGH

CVSS:7.1(High)

An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves th...

CWE-1192016

CVE-2016-4998

HIGH

CVSS:7.1(High)

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensi...

CWE-1192016

CVE-2017-1105

HIGH

CVSS:7.1(High)

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of...

CWE-1192017

CVE-2017-13820

HIGH

CVSS:7.1(High)

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attackers to obtain sensitive information from process mem...

CWE-1192017

CVE-2017-13850

HIGH

CVSS:7.1(High)

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Font Importer" component. It allows remote attackers to cause a denial of service (memory c...

CWE-1192017