Resolution for ntp: various flaws (CVE-2015-7979, CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518)

Solution Verified - Updated -

Issue

  • ntp: off-path denial of service on authenticated broadcast mode (CVE-2015-7979)
  • ntp: crypto-NAK preemptable association denial of service (CVE-2016-1547)
  • ntp: ntpd switching to interleaved mode with spoofed packets (CVE-2016-1548)
  • ntp: ephemeral association time spoofing (CVE-2016-1549)
  • ntp: libntp message digest disclosure (CVE-2016-1550)
  • ntp: assertion failure in ntpd on duplicate IPs on unconfig directives (CVE-2016-2516)
  • ntp: certain remote configuration values not properly validated (CVE-2016-2517)
  • ntp: out-of-bounds references on crafted packet (CVE-2016-2518)

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In