The following flaw was found in ntpd: An exploitable denial of service vulnerability exists in the remote configuration functionality of the Network Time Protocol. A specially crafted configuration file could cause an endless loop resulting in a denial of service. An attacker could provide a malicious configuration file to trigger this vulnerability.
External References:
http://talosintel.com/reports/TALOS-2015-0055/
http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
Upstream patch: https://github.com/ntp-project/ntp/commit/bb928ef08eec020ef6008f3a140702ccc0536b8e
Created ntp tracking bugs for this issue: Affects: fedora-all [bug 1296167]
Closing this as notabug: The issue relies on the fact that an attacker could provide a crafted config file that could cause ntpd to loop infinitely. Fixing this one case does not prevent the attacker from pointing ntpd to e.g. the /dev/zero file, which would have the same effect. This issue is limited to users who are able to use the :config command.