Описание
nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. This vulnerability has been patched in version 1.1.3.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.1.3-1build1 |
| esm-apps/noble | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | needs-triage | |
| oracular | ignored | end of life, was needs-triage |
| plucky | not-affected | 1.1.3-1build1 |
| questing | not-affected | 1.1.3-1build1 |
Показывать по
7.5 High
CVSS3
Связанные уязвимости
nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected. This vulnerability has been patched in version 1.1.3.
nptd-rs is a tool for synchronizing your computer's clock, implementin ...
Unlimited number of NTS-KE connections can crash ntpd-rs server
7.5 High
CVSS3