NTP BUG 2669: Buffer overflow in configure()
Last update: February 15, 2022 20:59 UTC (43fbd379b)
A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the
- Upgrade to 4.2.8 or later.
restrict ... noquery in your
ntp.conf file, for non-trusted senders.
This vulnerability was discovered by Stephen Roettger of the Google Security Team.