NTP BUG 3007: CRYPTO-NAK DoS
Last update: June 28, 2022 20:06 UTC (57417e17c)
For ntp-4 versions up to but not including ntp-4.2.8p7, an off-path attacker can cause a preemptable client association to be demobilized by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
Furthermore, if the attacker keeps sending crypto NAK packets, for example one every second, the victim never has a chance to reestablish the association and synchronize time with that legitimate server.
For ntp-4.2.8 thru ntp-4.2.8p6 there is less risk because more stringent checks are performed on incoming packets, but there are still ways to exploit this vulnerability in versions before ntp-4.2.8p7.
This weakness was discovered by Stephen Gray and Matthew Van Gundy of Cisco ASIG.