Translated message

A translation of this page exists in English.

2015 年 10 月に発生した NTP セキュリティ脆弱性

Solution Unverified - Updated -


Red Hat Security Bugzillas Rated Important

    Bug 1274265 - CVE-2015-7871 - ntp: crypto-NAK symmetric association authentication bypass vulnerability
    Bug 1271070 - (CVE-2015-7704) CVE-2015-7704 - ntp: disabling synchronization via crafted KoD packet

Red Hat Security Bugzillas Rated Moderate

    Bug 1274263 - (CVE-2015-7854) CVE-2015-7854 ntp: password length memory corruption vulnerability
    Bug 1274262 - (CVE-2015-7853) CVE-2015-7853 ntp: reference clock memory corruption vulnerability
    Bug 1274261 - (CVE-2015-7852) CVE-2015-7852 ntp: ntpq atoascii memory corruption vulnerability
    Bug 1274260 - (CVE-2015-7851) CVE-2015-7851 ntp: saveconfig directory traversal vulnerability
    Bug 1274257 - (CVE-2015-7849) CVE-2015-7849 ntp: trusted keys memory corruption vulnerability
    Bug 1274256 - (CVE-2015-7848) CVE-2015-7848 ntp: multiple integer overflow read access violations
    Bug 1274255 - (CVE-2015-7701) CVE-2015-7701 ntp: unspecified slow memory leak in CRYPTO_ASSOC
    Bug 1274184 - (CVE-2015-7705) CVE-2015-7705 ntp: denial of service by trigerring rate limiting on NTP server
    Bug 1274254 - (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702) CVE-2015-7691 CVE-2015-7692 CVE-2015-7702 ntp: incomplete checks in ntp_crypto.c

Red Hat Security Bugzillas Rated Low

    Bug 1274264 - (CVE-2015-7855) CVE-2015-7855 ntp:ASSERT in decodenetnum() on invalid values
    Bug 1274258 - (CVE-2015-7850) CVE-2015-7850 ntp: remote configuration denial of service vulnerability


Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content