November 2016 NTP Security Vulnerability Announcement - Red Hat Customer Portal

Issue

NTP Vulnerability Announcement November 21st 2016

Red Hat Security Bugzillas Rated Moderate

CVE-2016-7426 - Bugzilla 1397345 ntp: Client rate limiting and server responses
CVE-2016-7427 - Bugzilla 1397329 ntp: Broadcast Mode Replay Prevention DoS
CVE-2016-7431 - Bugzilla 1397331 ntp: Zero Origin timestamp regression
CVE-2016-7433 - Bugzilla 1397347 ntp: Broken initial sync calculations regression

CVE-2016-9310 - Bugzilla 1397319 ntp: Mode 6 unauthenticated trap information disclosure and DDoS vector
CVE-2016-9311 - Bugzilla 1398350 ntp: Null pointer dereference when trap service is enabled
Red Hat Security Bugzillas Rated Low
CVE-2016-7428 - Bugzilla 1397328 ntp: Broadcast Mode Poll Interval Enforcement DoS
CVE-2016-7429 - Bugzilla 1397341 ntp: Attack on interface selection
CVE-2016-7434 - Bugzilla 1397334 ntp: read_mru_list() does inadequate incoming packet checks

Environment

Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)