NTP BUG 2670: receive(): missing return on error

Last update: February 15, 2022 20:59 UTC (43fbd379b)


Summary

Resolved 4.2.8 18 Dec 2014
References Bug 2670 CVE-2014-9296
Affects All NTP4 releases before 4.2.8. Resolved in 4.2.8.
CVSS2 Score 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Description

Code in ntp_proto.c:receive() is missing a return; in the code path where an error was detected, which meant processing did not stop when a specific rare error occurred. We haven’t found a way for this bug to affect system integrity. If there is no way to affect system integrity the base CVSS score for this bug is 0. If there is one avenue through which system integrity can be partially affected, the base score becomes a 5. If system integrity can be partially affected via all three integrity metrics, the CVSS base score become 7.5.


Mitigation


Credit

This vulnerability was discovered by Stephen Roettger of the Google Security Team.


Timeline