Описание
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 3.1-5 |
| bionic | not-affected | 3.2-4ubuntu1 |
| cosmic | not-affected | 3.2-4ubuntu1 |
| devel | not-affected | 3.2-4ubuntu1 |
| esm-apps/xenial | not-affected | 2.1.1-1 |
| esm-infra-legacy/trusty | released | 1.29-1ubuntu0.1 |
| esm-infra/bionic | not-affected | 3.2-4ubuntu1 |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
Показывать по
6.5 Medium
CVSS2
Связанные уязвимости
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
chrony before 1.31.1 does not initialize the last "next" pointer when ...
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
ELSA-2015-2241: chrony security, bug fix, and enhancement update (MODERATE)
6.5 Medium
CVSS2