NTP BUG 3592: DoS Attack on Unauthenticated Client
Last update: February 15, 2022 15:25 UTC (b158e7036)
Summary
Description
The fix for 3445 introduced a bug: a system running ntp-4.2.8p12 or p13 that has only one unauthenticated time source can be attacked in a way that delays the victim’s next poll to its source for as long as the attack is maintained.
Mitigation
- Use authentication with symmetric peers.
- Have enough sources of time.
- Upgrade to 4.2.8p14 or later.
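The following audit sketch is an added example, not part of the original advisory or of the NTP project's code. It checks an ntp.conf and a version banner against the three mitigations above. It assumes that a `key <id>` or `autokey` option marks an authenticated source and that a `pool` line counts as more than one source; the function names, sample configuration and banner are constructed for illustration.

```python
import re

AFFECTED = {"4.2.8p12", "4.2.8p13"}        # releases named in the advisory
SOURCE_DIRECTIVES = {"server", "peer", "pool"}

def parse_sources(conf_text):
    """Return [(directive, address, authenticated)] from ntp.conf text."""
    sources = []
    for raw in conf_text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if len(fields) < 2 or fields[0] not in SOURCE_DIRECTIVES:
            continue
        opts = fields[2:]
        # Assumption: "key <id>" or "autokey" marks an authenticated association.
        authed = "autokey" in opts or any(
            o == "key" and i + 1 < len(opts) and opts[i + 1].isdigit()
            for i, o in enumerate(opts))
        sources.append((fields[0], fields[1], authed))
    return sources

def extract_version(version_output):
    """Pull 'X.Y.ZpN' out of a version banner; None if absent."""
    m = re.search(r"\b(\d+\.\d+\.\d+(?:p\d+)?)", version_output)
    return m.group(1) if m else None

def assess(conf_text, version_output):
    """Return (exposed, findings) for the condition the advisory describes."""
    version = extract_version(version_output)
    sources = parse_sources(conf_text)
    findings = []
    affected = version in AFFECTED
    if affected:
        findings.append(f"{version} is affected: upgrade to 4.2.8p14 or later")
    # Assumption: a pool line mobilizes several associations, so it is not "one source".
    single = len(sources) == 1 and sources[0][0] != "pool"
    if single:
        findings.append("only one time source configured: add more sources")
    unauth = [addr for _, addr, authed in sources if not authed]
    if unauth:
        findings.append("unauthenticated sources: " + ", ".join(unauth))
    return affected and single and bool(unauth), findings

if __name__ == "__main__":
    # Constructed sample input, not taken from a real host.
    conf = "driftfile /var/lib/ntp/ntp.drift\nserver ntp1.example.net iburst  # sole source\n"
    exposed, notes = assess(conf, "ntpd 4.2.8p13 (constructed banner)")
    print("EXPOSED" if exposed else "not exposed")
    for n in notes:
        print(" -", n)
```

A host is reported as exposed only when all three conditions hold together; the findings list still names each individual gap so it can be closed separately.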
Credit
Reported by Miroslav Lichvar.
Timeline