CVE Vulnerabilities

CVE-2024-42861

Published: Sep 23, 2024 | Modified: Mar 18, 2025

CVSS 3.x

7.5

HIGH

Source:

NVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS 2.x

RedHat/V2

RedHat/V3

6.5 MODERATE

Ubuntu

NEGLIGIBLE

Vulnerability-free packages from our partners

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-42861
CWE	https://cwe.mitre.org/data/definitions/.html

An issue in IEEE 802.1AS linuxptp v.4.2 and before allowing a remote attacker to cause a denial of service via a crafted Pdelay_Req message to the time synchronization function

Affected Software

Name	Vendor	Start Version	End Version
Linuxptp	Linuxptp_project	*	4.2 (including)
Linuxptp	Ubuntu	focal	*
Linuxptp	Ubuntu	oracular	*

References

https://github.com/qiupy123/CVE-2024-42861

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.