CVE-2014-9751
Published: 6 October 2015
The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.
Notes
Author | Note |
---|---|
mdeslaur | this used to be known as CVE-2014-9298, patches were released in USN-2497-1 |
Priority
Status
Package | Release | Status |
---|---|---|
ntp Launchpad, Ubuntu, Debian |
upstream |
Released
(1:4.2.6.p5+dfsg-4)
|
precise |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
vivid |
Not vulnerable
|
|
wily |
Not vulnerable
|
|
xenial |
Not vulnerable
|
|
Patches: upstream: https://github.com/ntp-project/ntp/commit/96c37aa51d3033a4b552de3c31d0fc1cc66d1f9b upstream: https://github.com/ntp-project/ntp/commit/96e106df5925c7d4c51b73b2f03ac403e8e1beb2 upstream: https://github.com/ntp-project/ntp/commit/9ebcc199749f89056cf0c5acb82bc5256395102c upstream: https://github.com/ntp-project/ntp/commit/2fb392987ee930becfec6d8843ce96ba9b465dec |