Описание
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
chrony before 1.31.1 does not initialize the last "next" pointer when ...
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
ELSA-2015-2241: chrony security, bug fix, and enhancement update (MODERATE)
EPSS
6.5 Medium
CVSS2