CVE-2023-26554

2023-04-1121:15:21

Google

osv.dev

ntp

security vulnerability

out-of-bounds write

mstolfp.c

cve-2023-26554

client process

ntpq

5.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

5.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.3%

JSON

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a ‘\0’ character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

CPENameOperatorVersion
ntpeq1:4.2.8p13+dfsg-1
ntpeq1:4.2.8p15+dfsg-2~1.2.1+dfsg1-7+hurd.1
ntpeq1:4.2.8p15+dfsg-2~1.2.1+dfsg1-8+hurd.1
ntpeq1:4.2.8p14+dfsg-1
ntpeq1:4.2.8p12+dfsg-4
ntpeq1:4.2.8p13+dfsg-2
ntpeq1:4.2.8p14+dfsg-2
ntpeq1:4.2.8p15+dfsg-2~1.2.2+dfsg1-2+hurd.1
ntpeq1:4.2.8p15+dfsg-1
ntpeq1:4.2.8p15-1

Name	Operator	Version
ntp	eq	1:4.2.8p13+dfsg-1
ntp	eq	1:4.2.8p15+dfsg-2~1.2.1+dfsg1-7+hurd.1
ntp	eq	1:4.2.8p15+dfsg-2~1.2.1+dfsg1-8+hurd.1
ntp	eq	1:4.2.8p14+dfsg-1
ntp	eq	1:4.2.8p12+dfsg-4
ntp	eq	1:4.2.8p13+dfsg-2
ntp	eq	1:4.2.8p14+dfsg-2
ntp	eq	1:4.2.8p15+dfsg-2~1.2.2+dfsg1-2+hurd.1
ntp	eq	1:4.2.8p15+dfsg-1
ntp	eq	1:4.2.8p15-1