CVE-2016-9311

2016-11-24T14:17:32
ID RH:CVE-2016-9311
Type redhatcve
Reporter redhat.com
Modified 2020-08-18T08:51:40

Description

A flaw was found in the way ntpd implemented the trap service. A remote attacker could send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service.

Mitigation

Use "restrict default noquery ..." in your ntp.conf file. Only allow mode 6 queries from trusted networks and hosts.