NTP BUG 3043: Autokey association reset

Last update: February 15, 2022 20:59 UTC (43fbd379b)


Summary

Resolved 4.2.8p8 02 June 2016
References Bug 3043 CVE-2016-4955
Affects ntp-4, up to but not including ntp-4.2.8p8,
and ntp-4.3.0 up to, but not including ntp-4.3.93.
Resolved in 4.2.8p8.
CVSS2 Score LOW 2.6 AV:AC:H/Au:N/C:N/I:N/A:P
CVSS3 Score LOW 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Description

An attacker who is able to spoof a packet with a correct origin timestamp before the expected response packet arrives at the target machine can send a CRYPTO_NAK or a bad MAC and cause the association’s peer variables to be cleared. If this can be done often enough, it will prevent that association from working.


Mitigation


Credit

This weakness was discovered by Miroslav Lichvar of Red Hat.


Timeline