NTP BUG 3009: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC
Last update: February 15, 2022 20:59 UTC (43fbd379b)
Using a crafted packet to create a peer association with
hmode > 7 causes the
MATCH_ASSOC() lookup to make an out-of-bounds reference.
This weakness was discovered by Yihan Lian of the Cloud Security Team, Qihoo 360.