CVE-2023-26555

Опубликовано: 11 апр. 2023

Источник: debian

EPSS Низкий

Описание

praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.

Пакеты

Пакет	Статус	Релиз	Тип
ntp	removed		package
ntp	no-dsa	bullseye	package
ntp	no-dsa	buster	package

Примечания

https://github.com/spwpun/ntp-4.2.8p15-cves/blob/main/CVE-2023-26555
https://www.ntp.org/support/securitynotice/ntpbug3807/

EPSS

Процентиль: 69%

0.00595

Низкий

Связанные уязвимости

CVE-2023-26555

CVSS3: 6.4

ubuntu

почти 3 года назад

praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.

CVE-2023-26555

CVSS3: 5.1

redhat

почти 3 года назад

praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.

CVE-2023-26555

CVSS3: 6.4

nvd

почти 3 года назад

praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.

SUSE-SU-2023:2609-1

suse-cvrf

больше 2 лет назад

Security update for ntp

SUSE-SU-2023:2608-1

suse-cvrf

больше 2 лет назад

Security update for ntp

EPSS

Процентиль: 69%

0.00595

Низкий