CVE-2021-21404 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	Yes
Type	Denial of service
Description	In Syncthing before version 1.15.0, the relay server `syncthing-relaysrv` can be caused to crash and exit by sending a relay message with a negative length field. Similarly, Syncthing itself can crash for the same reason if given a malformed message from a malicious relay server when attempting to join the relay. Relay joins are essentially random (from a subset of low latency relays) and Syncthing will by default restart when crashing, at which point it's likely to pick another non-malicious relay. This flaw is fixed in version 1.15.0.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1778	syncthing, syncthing-relaysrv	1.14.0-1	1.15.1-1	Medium	Fixed

References
https://github.com/syncthing/syncthing/security/advisories/GHSA-x462-89pf-6r5h https://github.com/syncthing/syncthing/commit/fb4fdaf4c0a79c22cad000c42ac1394e3ccb6a97

Notes
Workaround ========== Syncthing can be configured to not use relays, or to only use specific, trusted relays. If Syncthing is used in a closed environment or with relaying disabled, i.e., it does not communicate with unknown relays, Syncthing is not vulnerable. There is no known workaround for syncthing-relaysrv.

Notes

Workaround
==========

Syncthing can be configured to not use relays, or to only use specific, trusted relays. If Syncthing is used in a closed environment or with relaying disabled, i.e., it does not communicate with unknown relays, Syncthing is not vulnerable. There is no known workaround for syncthing-relaysrv.