Lucene search

Ntp Security Vulnerabilities - 2023

cve

CVE-2023-26551

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

5.6CVSS

5.8AI Score

0.001EPSS

2023-04-11 09:15 PM

118

cve

CVE-2023-26552

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

5.6CVSS

5.8AI Score

0.001EPSS

2023-04-11 09:15 PM

cve

CVE-2023-26553

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

5.6CVSS

5.8AI Score

0.001EPSS

2023-04-11 09:15 PM

cve

CVE-2023-26554

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.

5.6CVSS

5.8AI Score

0.001EPSS

2023-04-11 09:15 PM

cve

CVE-2023-26555

praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.

6.4CVSS

6.3AI Score

0.001EPSS

2023-04-11 09:15 PM

316