NTP BUG 3592: DoS Attack on Unauthenticated Client
Last update: May 9, 2023 14:31 UTC (f9b991261)
Summary
Description
The fix for 3445 introduced a bug: a system running ntp-4.2.8p12 or p13 that has only one unauthenticated time source can be attacked in a way that delays the victim’s next poll to its source for as long as the attack is maintained.
Mitigation
- Use authentication with symmetric peers.
- Have enough sources of time.
- Upgrade to 4.2.8p14 or later.
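The conditions in the description and the mitigations above can be checked against a host's ntpd version string and ntp.conf. The following is an added example, not code from the NTP project. It assumes that "one unauthenticated time source" means a single server/peer/pool line whose key is missing or not listed in trustedkey; the sample configurations, hostnames and key id are constructed.

```python
import re

AFFECTED = {"4.2.8p12", "4.2.8p13"}        # releases named in the advisory
SOURCE_DIRECTIVES = {"server", "peer", "pool"}

def parse_sources(conf_text):
    """Return (sources, trusted_key_ids) parsed from ntp.conf text."""
    sources, trusted = [], set()
    for raw in conf_text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments
        if not tokens:
            continue
        if tokens[0] == "trustedkey":
            # Simplification: plain key ids only, no range syntax.
            trusted.update(tokens[1:])
        elif tokens[0] in SOURCE_DIRECTIVES and len(tokens) > 1:
            opts, key = tokens[2:], None
            if "key" in opts and opts.index("key") + 1 < len(opts):
                key = opts[opts.index("key") + 1]
            sources.append({"addr": tokens[1], "key": key})
    return sources, trusted

def audit(version, conf_text):
    """Check the advisory's conditions: affected release, one source, no auth."""
    m = re.search(r"\d+\.\d+\.\d+p\d+", version)
    affected = m is not None and m.group(0) in AFFECTED
    sources, trusted = parse_sources(conf_text)
    # A source counts as authenticated only if its key id is also trusted.
    unauth = [s["addr"] for s in sources if s["key"] not in trusted]
    return {
        "affected_version": affected,
        "source_count": len(sources),
        "unauthenticated": unauth,
        "exposed": affected and len(sources) == 1 and len(unauth) == 1,
    }

# Constructed sample configurations (hostnames and key id are placeholders).
WEAK_CONF = "driftfile /var/lib/ntp/drift\nserver ntp1.example.net iburst\n"
HARDENED_CONF = """\
keys /etc/ntp.keys
trustedkey 10
server ntp1.example.net iburst key 10
server ntp2.example.net iburst key 10
server ntp3.example.net iburst key 10
"""

if __name__ == "__main__":
    print(audit("4.2.8p13", WEAK_CONF))
    print(audit("4.2.8p13", HARDENED_CONF))
```

A pool line is counted as one source here, which can over-report exposure because a pool usually resolves to several servers.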
Credit
Reported by Miroslav Lichvar.
Timeline