CVE-2021-21404 - log back

CVE-2021-21404 edited at 07 Apr 2021 08:35:11
Description
- A security issue was found in syncthing and syncthing-relaysrv before version 1.15.0. Syncthing can be caused to crash and exit if sent a malformed relay protocol message message with a negative length field. The relay server strelaysrv can be caused to crash and exit if sent a malformed relay protocol message with a negative length field.
+ In Syncthing before version 1.15.0, the relay server `syncthing-relaysrv` can be caused to crash and exit by sending a relay message with a negative length field. Similarly, Syncthing itself can crash for the same reason if given a malformed message from a malicious relay server when attempting to join the relay. Relay joins are essentially random (from a subset of low latency relays) and Syncthing will by default restart when crashing, at which point it's likely to pick another non-malicious relay. This flaw is fixed in version 1.15.0.
CVE-2021-21404 edited at 06 Apr 2021 18:56:34
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A security issue was found in syncthing and syncthing-relaysrv before version 1.15.0. Syncthing can be caused to crash and exit if sent a malformed relay protocol message message with a negative length field. The relay server strelaysrv can be caused to crash and exit if sent a malformed relay protocol message with a negative length field.
References
+ https://github.com/syncthing/syncthing/security/advisories/GHSA-x462-89pf-6r5h
+ https://github.com/syncthing/syncthing/commit/fb4fdaf4c0a79c22cad000c42ac1394e3ccb6a97
Notes
+ Workaround
+ ==========
+
+ Syncthing can be configured to not use relays, or to only use specific, trusted relays. If Syncthing is used in a closed environment or with relaying disabled, i.e., it does not communicate with unknown relays, Syncthing is not vulnerable. There is no known workaround for syncthing-relaysrv.
CVE-2021-21404 created at 06 Apr 2021 18:46:10