Astra Linux - уязвимость в ntp

The praecisparse function in ntpd/refclockpalisade.c, within NTP 4.2.8p15, contains an out-of-bounds write vulnerability. Any attack method would be complex, for example, using a manipulated GPS receiver...

SUSE-SU-2025:20862-1 Security update for chrony

This update for chrony fixes the following issues: - Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

Security update for chrony

This update for chrony fixes the following issues: Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

SUSE-SU-2025:20846-1 Security update for chrony

This update for chrony fixes the following issues: - Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

Security update for chrony

This update for chrony fixes the following issues: Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

EUVD-2017-15508

Malware in sbrugna...

Multiple NTP vulnerabilities resolved (CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26555)

CVE-2023-26551 mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cpcpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. Base Score: 5.6 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2023-26552 mstolfp in...

Fedora: Security Advisory for ntp-refclock (FEDORA-2023-611a143d5f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: ntp-refclock-0.6-1.fc38

ntp-refclock is a wrapper for reference clock drivers included in the ntpd daemon, which enables other NTP implementations to use the supported hardware reference clocks for synchronization of the system clock. It provides a minimal environment for the drivers to be able to run in a separate...

[SECURITY] Fedora 37 Update: ntp-refclock-0.6-1.fc37

ntp-refclock is a wrapper for reference clock drivers included in the ntpd daemon, which enables other NTP implementations to use the supported hardware reference clocks for synchronization of the system clock. It provides a minimal environment for the drivers to be able to run in a separate...

Fedora 37 : ntp-refclock (2023-c0762a0e57)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c0762a0e57 advisory. Update to latest ntp-refclock and ntp, which fixes CVE-2023-26555. Tenable has extracted the preceding description block directly from the Fedora...

Fedora: Security Advisory for ntp-refclock (FEDORA-2023-c0762a0e57)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : ntp-refclock (2023-611a143d5f)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-611a143d5f advisory. Update to latest ntp-refclock and ntp, which fixes CVE-2023-26555. Tenable has extracted the preceding description block directly from the Fedora...

OESA-2023-1292 ntp security update

NTP is a protocol designed to synchronize the clocks of computers over a network, NTP version 4, a significant revision of the previous NTP standard, is the current development version. It is formalized by RFCs released by the IETF. Security Fixes: praecisparse in ntpd/refclockpalisade.c in NTP...

UBUNTU-CVE-2023-26555

praecisparse in ntpd/refclockpalisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver...

CVE-2023-26555

praecisparse in ntpd/refclockpalisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver...

PT-2023-2770 · Ntp +3 · Ntp +3

Name of the Vulnerable Software and Affected Versions: NTP version 4.2.8p15 Description: The issue is related to an out-of-bounds write in the praecis parse function in ntpd/refclock palisade.c. This could potentially allow a remote attacker to cause a denial of service by sending a specially...

K07082049: NTP vulnerability CVE-2017-6462

Security Advisory Description Buffer overflow in the legacy Datum Programmable Time Server DPTS refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device. CVE-2017-6462 Impact This vulnerability allows local users ...

K17525: NTP vulnerability CVE-2015-7853

Security Advisory Description The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value. CVE-2015-7853 Impact Running a custom refclock driver in...

SUSE CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...