Bug 216309
Summary: | Buffer Overflow in NTP WWV Refclock Driver | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Doug Mitchell <redhat> |
Component: | ntp | Assignee: | Miroslav Lichvar <mlichvar> |
Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
Severity: | high | Docs Contact: | |
Priority: | medium | ||
Version: | 6 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-12-13 17:44:06 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 216853 |
Description
Doug Mitchell
2006-11-19 03:27:41 UTC
Also requires that flag4 (CLK_FLAG4) to be set for debugging for crash to occur. Here is the line from my ntp.conf that enables debugging: fudge 127.127.36.0 flag4 1 And that should have been "too many bytes in an 80 byte buffer". Thanks, Doug Thanks for the report, I will put a fix to updates. Reported upstream: https://ntp.isc.org/bugs/show_bug.cgi?id=738 I remove the the Security Response Team from the CC list, for I believe (and agree with mlichvar) this does not have any security consequences. The bug is triggered only while debugging, and occurs in very early phase of daemon startup ("after reading first successful timestamp"). |