Resolution for ntp: various flaws (CVE-2015-7979, CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518)
Issue
- ntp: off-path denial of service on authenticated broadcast mode (CVE-2015-7979)
- ntp: crypto-NAK preemptable association denial of service (CVE-2016-1547)
- ntp: ntpd switching to interleaved mode with spoofed packets (CVE-2016-1548)
- ntp: ephemeral association time spoofing (CVE-2016-1549)
- ntp: libntp message digest disclosure (CVE-2016-1550)
- ntp: assertion failure in ntpd on duplicate IPs on unconfig directives (CVE-2016-2516)
- ntp: certain remote configuration values not properly validated (CVE-2016-2517)
- ntp: out-of-bounds references on crafted packet (CVE-2016-2518)
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.