CVE-2023-26553

2023-04-1121:15:21

Google

osv.dev

ntp

out-of-bounds write

vulnerability

mstolfp

libntp

client process

5.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

5.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.4%

JSON

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

CPENameOperatorVersion
ntpeq1:4.2.8p13+dfsg-1
ntpeq1:4.2.8p15+dfsg-2~1.2.1+dfsg1-7+hurd.1
ntpeq1:4.2.8p15+dfsg-2~1.2.1+dfsg1-8+hurd.1
ntpeq1:4.2.8p14+dfsg-1
ntpeq1:4.2.8p12+dfsg-4
ntpeq1:4.2.8p13+dfsg-2
ntpeq1:4.2.8p14+dfsg-2
ntpeq1:4.2.8p15+dfsg-2~1.2.2+dfsg1-2+hurd.1
ntpeq1:4.2.8p15+dfsg-1
ntpeq1:4.2.8p15-1

Name	Operator	Version
ntp	eq	1:4.2.8p13+dfsg-1
ntp	eq	1:4.2.8p15+dfsg-2~1.2.1+dfsg1-7+hurd.1
ntp	eq	1:4.2.8p15+dfsg-2~1.2.1+dfsg1-8+hurd.1
ntp	eq	1:4.2.8p14+dfsg-1
ntp	eq	1:4.2.8p12+dfsg-4
ntp	eq	1:4.2.8p13+dfsg-2
ntp	eq	1:4.2.8p14+dfsg-2
ntp	eq	1:4.2.8p15+dfsg-2~1.2.2+dfsg1-2+hurd.1
ntp	eq	1:4.2.8p15+dfsg-1
ntp	eq	1:4.2.8p15-1