Описание
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.
A flaw was found in the NTP package. This flaw allows an attacker to cause a denial of service by remotely sending malicious data packets to the NTP server.
Отчет
The affected function only sees data that was received via a TTY from a certain GPS receiver, and only if such a GPS receiver is configured in ntp.conf, but it never gets called with data that was received over the network. An exploit would require a manipulated GPS receiver that sends overlong lines to the driver. This means physical access or a compromised host would be needed (if the device allows firmware updates over serial), so we're not looking at an RCE vulnerability here, even on installations that do use this driver.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | ntp | Out of support scope | ||
| Red Hat Enterprise Linux 7 | ntp | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
5.1 Medium
CVSS3
Связанные уязвимости
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-o ...
EPSS
5.1 Medium
CVSS3