NTP BUG 2666: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys
Last update: February 15, 2022 20:59 UTC (43fbd379b)
Summary
Description
Prior to ntp-4.2.7p230, ntp-keygen used a weak seed to prepare a random number generator that was of good quality back in the late 1990s. The random numbers produced were then used to generate symmetric keys. In ntp-4.2.8 we use a current-technology cryptographic random number generator, either RAND_bytes from OpenSSL, or arc4random().
Mitigation
Any of:
- Upgrade to 4.2.7p230 or later.
- Put restrict ... noquery in your ntp.conf file, for non-trusted senders.
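
A small audit helper for the two mitigations above, as an added example that is not part of the original advisory or of the NTP distribution. The function names, the trusted-address default and the sample inputs are assumptions made for illustration; the version check follows upstream numbering only.

```python
import re

FIXED = (4, 2, 7, 230)  # 4.2.7p230, the first fixed release per the advisory

def parse_ntp_version(text):
    """Return (major, minor, patch, point) from e.g. 'ntpd 4.2.6p5@1.2349-o'.
    A release with no 'pN' suffix gets point 0."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError(f"no NTP version found in {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def needs_upgrade(version_text):
    # Upstream numbering only; a distro package may carry a backported fix.
    return parse_ntp_version(version_text) < FIXED

def restricts_missing_noquery(conf_text, trusted=("127.0.0.1", "::1")):
    """List restrict lines for non-trusted addresses that lack noquery."""
    missing = []
    for raw in conf_text.splitlines():
        tok = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if not tok or tok[0] != "restrict":
            continue
        args = [t for t in tok[1:] if t not in ("-4", "-6")]
        if args and args[0] not in trusted and "noquery" not in args[1:]:
            missing.append(" ".join(tok))
    return missing

# Constructed sample ntp.conf (not taken from a real host).
SAMPLE_CONF = """\
restrict default kod nomodify notrap nopeer
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict 192.0.2.0 mask 255.255.255.0 nomodify   # lab subnet
"""

if __name__ == "__main__":
    # Constructed version strings covering both sides of the fixed release.
    for v in ("ntpd 4.2.6p5@1.2349-o", "4.2.7p229", "4.2.7p230", "4.2.8"):
        print(v, "-> upgrade needed" if needs_upgrade(v) else "-> fixed")
    for line in restricts_missing_noquery(SAMPLE_CONF):
        print("no noquery:", line)
```

A configuration with no restrict lines at all returns an empty list, so an empty result only means that the restrict lines present carry noquery.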
Credit
This vulnerability was discovered in ntp-4.2.6 by Stephen Roettger of the Google Security Team.
Timeline