TencentOS Server 3: linuxptp (TSSA-2022:0255)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0255 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

The vulnerability of the ptp4l software service, which is used to implement the PTP protocol for LinuxPTP, allows a malicious actor to cause an unexpected termination of the application.

The vulnerability of the ptp4l software service for implementing the LinuxPTP timing protocol is due to an operation going beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause an application to terminate abnormally by creating a one-step...

The vulnerability of the ptp4l software service, which is used to implement the PTP protocol for LinuxPTP. This vulnerability allows a intruder to gain unauthorized access to protected information, cause service failures, or execute arbitrary code.

The vulnerability of the ptp4l software service for implementing the PTP protocol in LinuxPTP is related to insufficient checking of the length of transferred messages. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected...