The client logging functionality in chronyd in Chrony prior to 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote malicious users to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tuxfamily chrony 1.19 |
||
tuxfamily chrony 1.20 |
||
tuxfamily chrony |
||
tuxfamily chrony 1.19.99.3 |
||
tuxfamily chrony 1.19-1 |
||
tuxfamily chrony 1.19.99.2 |
||
tuxfamily chrony 1.21-pre1 |
||
tuxfamily chrony 1.18 |
||
tuxfamily chrony 1.24-pre1 |
||
tuxfamily chrony 1.19.99.1 |
||
tuxfamily chrony 1.21 |