Description
cmdmon.c in Chrony before 1.29 allows remote attackers to obtain
potentially sensitive information from stack memory via vectors related to
(1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the
handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to
the handle_client_accesses function when client logging is disabled, which
causes uninitialized data to be included in a reply.
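The bug class described above, as an added example that is not Chrony's code: a handler whose error path fills only part of a reply that is then sent whole, next to the same handler with the reply cleared first. The struct layout, function names and the 0xAA marker (standing in for leftover stack contents so the result is deterministic) are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE 0xAA /* constructed marker standing in for leftover stack bytes */
enum { ST_OK = 0, ST_INVALID = 1 };

/* Hypothetical reply layout, not Chrony's actual structure. */
struct reply {
    uint16_t status;
    uint16_t n_entries;
    uint32_t hits[8];
};

/* Vulnerable pattern: the error path sets only the status, yet the
   caller transmits the whole struct. */
static void handle_vulnerable(struct reply *r, int request_valid) {
    if (!request_valid) {
        r->status = ST_INVALID;
        return; /* n_entries and hits[] keep their previous contents */
    }
    r->status = ST_OK;
    r->n_entries = 8;
    for (uint32_t i = 0; i < 8; i++) r->hits[i] = i;
}

/* Hardened pattern: clear the reply before any path can return, then
   apply the same field logic. */
static void handle_hardened(struct reply *r, int request_valid) {
    memset(r, 0, sizeof *r);
    handle_vulnerable(r, request_valid);
}

/* Run a handler on a reply buffer pre-filled with stale bytes and count
   how many of them would still go out on the wire. */
static size_t leaked_bytes(void (*handler)(struct reply *, int), int valid) {
    struct reply r;
    const unsigned char *p = (const unsigned char *)&r;
    size_t n = 0;
    memset(&r, STALE, sizeof r);
    handler(&r, valid);
    for (size_t i = 0; i < sizeof r; i++) n += (p[i] == STALE);
    return n;
}

int main(void) {
    printf("vulnerable, invalid request: %zu stale bytes\n", leaked_bytes(handle_vulnerable, 0));
    printf("hardened, invalid request:   %zu stale bytes\n", leaked_bytes(handle_hardened, 0));
    return 0;
}
```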
Package
Upstream: released (1.29)
Ubuntu 14.04 ESM (Trusty Tahr): not-affected (1.29-1)
Ubuntu 20.04 FIPS Compliant (Focal Fossa): not-affected (3.2-4ubuntu1)
Patches:
Updated: 2022-02-11 00:15:56 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)