CVE-2016-1549

Priority
Description
A malicious authenticated peer can create arbitrarily-many ephemeral
associations in order to win the clock selection algorithm in ntpd in NTP
4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and
a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.
Notes
mdeslaurupstream proposes mitigation only
Package
Source: ntp (LP Ubuntu Debian)
Upstream:released (1:4.2.8p7+dfsg-1)
Ubuntu 14.04 ESM (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):ignored
More Information

Updated: 2020-01-29 19:54:26 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)