CVE-2021-21404

EUVD-2021-1226
Syncthing is a continuous file synchronization program. In Syncthing before version 1.15.0, the relay server `strelaysrv` can be caused to crash and exit by sending a relay message with a negative length field. Similarly, Syncthing itself can crash for the same reason if given a malformed message from a malicious relay server when attempting to join the relay. Relay joins are essentially random (from a subset of low latency relays) and Syncthing will by default restart when crashing, at which point it's likely to pick another non-malicious relay. This flaw is fixed in version 1.15.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
GitHub_MCNA
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
Affected Products (NVD)
VendorProductVersion
syncthingsyncthing
𝑥
< 1.15.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
syncthing
bookworm
1.19.2~ds1-1
fixed
bullseye
1.12.1~ds1-4
fixed
buster
postponed
sid
1.27.7~ds1-5
fixed
stretch
postponed
trixie
1.27.7~ds1-5
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
syncthing
bionic
needed
focal
needed
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needed
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needed
trusty
dne
xenial
dne
Common Weakness Enumeration
References
https://github.com/syncthing/syncthing/commit/fb4fdaf4c0a79c22cad000c42ac1394e3ccb6a97
https://github.com/syncthing/syncthing/releases/tag/v1.15.0
https://github.com/syncthing/syncthing/security/advisories/GHSA-x462-89pf-6r5h
https://pkg.go.dev/github.com/syncthing/syncthing
https://github.com/syncthing/syncthing/commit/fb4fdaf4c0a79c22cad000c42ac1394e3ccb6a97
https://github.com/syncthing/syncthing/releases/tag/v1.15.0
https://github.com/syncthing/syncthing/security/advisories/GHSA-x462-89pf-6r5h
https://pkg.go.dev/github.com/syncthing/syncthing