ntp: crypto-NAK preemptable association denial of service

🗓️ 03 Aug 2016 07:43:21Reported by RedHatType

Denial of service flaw in preemptable Network Time Protocol client associations allows disruption of time synchronization via spoofed cryptographic acknowledgments.

Reporter	Title	Published	Views	Family All 127
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Privileged Identity Manager	16 Jun 201821:45	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Ntp affect IBM Security Identity Governance	16 Jun 201821:44	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in NTP affect Power Hardware Management Console	23 Sep 202101:31	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in ntp affect PowerKVM	18 Jun 201801:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection	16 Jun 201821:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple ntp vulnerabilities	18 Jun 201801:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in NTP	16 Jun 201821:45	–	ibm
IBM Security Bulletins	Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available	16 Jun 201821:45	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in NTP affect IBM Flex System Chassis Management Module	31 Jan 201902:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in NTP	16 Jun 201821:45	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6.7	ppc64	ntp	0:4.2.6p5-5.el6_7.5	ntp-0:4.2.6p5-5.el6_7.5.ppc64.rpm
Red Hat Enterprise Linux	6.7	s390x	ntp	0:4.2.6p5-5.el6_7.5	ntp-0:4.2.6p5-5.el6_7.5.s390x.rpm
Red Hat Enterprise Linux	6.7	x86_64	ntp	0:4.2.6p5-5.el6_7.5	ntp-0:4.2.6p5-5.el6_7.5.x86_64.rpm
Red Hat Enterprise Linux	6.7	any	ntp	0:4.2.6p5-5.el6_7.5.i686	ntp-0:4.2.6p5-5.el6_7.5.i686.noarch.rpm
Red Hat Enterprise Linux	6.7	ppc64	ntp-debuginfo	0:4.2.6p5-5.el6_7.5	ntp-debuginfo-0:4.2.6p5-5.el6_7.5.ppc64.rpm
Red Hat Enterprise Linux	6.7	s390x	ntp-debuginfo	0:4.2.6p5-5.el6_7.5	ntp-debuginfo-0:4.2.6p5-5.el6_7.5.s390x.rpm
Red Hat Enterprise Linux	6.7	x86_64	ntp-debuginfo	0:4.2.6p5-5.el6_7.5	ntp-debuginfo-0:4.2.6p5-5.el6_7.5.x86_64.rpm
Red Hat Enterprise Linux	6.7	any	ntp-debuginfo	0:4.2.6p5-5.el6_7.5.i686	ntp-debuginfo-0:4.2.6p5-5.el6_7.5.i686.noarch.rpm
Red Hat Enterprise Linux	6.7	any	ntp-doc	0:4.2.6p5-5.el6_7.5.noarch	ntp-doc-0:4.2.6p5-5.el6_7.5.noarch.noarch.rpm
Red Hat Enterprise Linux	6.7	ppc64	ntp-perl	0:4.2.6p5-5.el6_7.5	ntp-perl-0:4.2.6p5-5.el6_7.5.ppc64.rpm

Source	Link
support	www.support.ntp.org/bin/view/Main/SecurityNotice
talosintel	www.talosintel.com/reports/TALOS-2016-0081/
access	www.access.redhat.com/security/cve/CVE-2016-1547
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-1547
cve	www.cve.org/CVERecord

13 May 2026 01:23Current

7.1High risk

Vulners AI Score7.1

CVSS 25

CVSS 35.3

EPSS0.0511