A flaw was found in the way ntpd implemented the trap service. A remote attacker could send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service.
Use "restrict default noquery …" in your ntp.conf file. Only allow mode 6 queries from trusted networks and hosts.