NTP BUG 3110: Windows: ntpd DoS by oversized UDP packet
Last update: June 27, 2022 20:45 UTC (51d68a4aa)
If a vulnerable instance of
ntpd on Windows receives a crafted malicious packet that is “too big”,
ntpd will stop working.
- Implement BCP-38.
- Implement a firewall rule blocking oversized NTP packets.
- Upgrade to 4.2.8p9 or later.
- Properly monitor your
ntpd instances, and auto-restart
-g) if it stops running.
This weakness was discovered by Robert Pajak of ABB.