Bug 1434005 (CVE-2017-6458)
Summary: | CVE-2017-6458 ntp: Potential Overflows in ctl_put() functions | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | dmoppert, linville, mlichvar, sardella, security-response-team, slawomir |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | ntp 4.2.8p10, ntp 4.3.94 | Doc Type: | If docs needed, set a value |
Doc Text: |
A vulnerability was found in NTP, in the building of response packets with custom fields. If custom fields were configured in ntp.conf with particularly long names, inclusion of these fields in the response packet could cause a buffer overflow, leading to a crash.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2017-03-30 06:08:16 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1435163 | ||
Bug Blocks: | 1434021 |
Description
Adam Mariš
2017-03-20 14:15:30 UTC
Acknowledgments: Name: the NTP project Upstream: Cure53 Created ntp tracking bugs for this issue: Affects: fedora-all [bug 1435163] Statement: The security assessment from cure53 clarifies that this issue (identified as NTP-01-0004) is not a vulnerability per se, but a weakness in ntp's internal coding style that may cause a vulnerability if particularly long variable names are defined at compile time. No such variable names are defined in upstream source code, nor in Fedora or Red Hat Enterprise Linux versions of ntp. |