Bug 2135583

Summary: Threat model finding: Detection of possible abuse if more than a majority disagree on any scale
Product: Red Hat Enterprise Linux 9 Reporter: Wade Mealing <wmealing>
Component: chronyAssignee: Miroslav Lichvar <mlichvar>
Status: ASSIGNED --- QA Contact: rhel-cs-infra-services-qe <rhel-cs-infra-services-qe>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 9.0Keywords: Triaged
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2231078    
Bug Blocks:    

Comment 1 Miroslav Lichvar 2023-01-26 16:35:28 UTC 
With the latest upstream code detected falsetickers and the worst case when no majority is reached are logged to syslog as warnings. It's up to the admin to evaluate their number and decide whether it's a random failure of the sources, the local clock, or a potential attack.
Comment 2 Miroslav Lichvar 2023-08-10 13:55:41 UTC 
This issue will be fixed by rebase to chrony-4.4 (bug #2231078).