RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1422944 - [LLNL 7.4 Bug] ntp no longer works correctly with multicastclient
Summary: [LLNL 7.4 Bug] ntp no longer works correctly with multicastclient
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ntp
Version: 7.3
Hardware: x86_64
OS: Linux
urgent
urgent
Target Milestone: rc
: 7.4
Assignee: Miroslav Lichvar
QA Contact: qe-baseos-daemons
Mirek Jahoda
URL:
Whiteboard:
Depends On:
Blocks: 1381646 1427573 1472751
TreeView+ depends on / blocked
 
Reported: 2017-02-16 15:39 UTC by Trent D'Hooge
Modified: 2021-06-10 11:57 UTC (History)
10 users (show)

Fixed In Version: ntp-4.2.6p5-27.el7
Doc Type: Bug Fix
Doc Text:
Prior to this update, the NTP daemon (ntpd) configured as a multicast client was not able to process multicast messages after an association with a multicast server had been created. As a consequence, the multicast client was repeatedly resetting the association with the server and it processed only unicast messages in the initial exchange. With this update, the described bug has been fixed, and the NTP multicast client now works properly in the described scenario.
Clone Of:
: 1422973 1427573 (view as bug list)
Environment:
Last Closed: 2017-08-28 13:23:24 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Fix regression in multicastclient after CVE-2016-7429 (562 bytes, patch)
2017-02-17 13:49 UTC, Miroslav Lichvar 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Network Time Protocol 3356 0 None None None 2018-12-11 11:04:41 UTC
Red Hat Bugzilla 1397341 0 low CLOSED CVE-2016-7429 ntp: Attack on interface selection 2021-02-22 00:41:40 UTC

Internal Links: 1397341

Description Trent D'Hooge 2017-02-16 15:39:05 UTC 
Description of problem:

With the latest version of ntp from RHEL 6 and RHEL7 we found that multicastclient will no longer . For RHEL 7, version ntp-4.2.6p5-25.el7.x86_64 works properly, ntp-4.2.6p5-25.el7_3.1.x86_64 does not.


Version-Release number of selected component (if applicable):
ntp-4.2.6p5-25.el7_3.1.x86_64

How reproducible:

Install ntp-4.2.6p5-25.el7_3.1.x86_64. setup client to use

multicastclient 224.0.1.1

Steps to Reproduce:
ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 eopal185        134.9.1.98       3 u  240   64   10    8.000  -422.55   0.000

note it is not locked into eopal185



Expected results:

vs a system still running the old version of ntp, ntp-4.2.6p5-25.el7.x86_64

ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*equartz187      134.9.1.98       3 m    7   64  377    8.000   -0.119   0.536


Additional info:

removing patch 7429 from ntp allows ntp multicast to work again on RHEL7.
Comment 3 Ben Woodard 2017-02-16 16:29:36 UTC 
According to one of LLNL's engineers this is related to: http://support.ntp.org/bin/view/Main/NtpBug3072

This is a regression caused by the update to NTP by:
https://access.redhat.com/errata/RHSA-2017:0252 and in particular:
https://bugzilla.redhat.com/show_bug.cgi?id=1397341

My working hypothesis is the author of the patch for the interface selection didn't understand how multicast works and didn't exempt the multicast addresses when it filtered out the mismatched IP/interface packets. Since multicast gives interfaces a new multicast address (which looks like a different IP address) the logic needs to accept those when NTP is participating on a multicast group.
Comment 6 Miroslav Lichvar 2017-02-16 16:59:08 UTC 
Upstream bug:

https://bugs.ntp.org/show_bug.cgi?id=3356
Comment 11 Miroslav Lichvar 2017-02-17 13:49:47 UTC 
Created attachment 1252015 [details]
Fix regression in multicastclient after CVE-2016-7429

Backported patch to fix multicast client to process both server and broadcast mode packets.
Comment 14 Travis Gummels 2017-02-17 14:38:31 UTC 
Trent,

Test build is here:

http://people.redhat.com/tgummels/partners/.lc-d839231e87c805b7b71e764e0ed05825

Feedback appreciated.

Travis
Comment 15 Travis Gummels 2017-02-17 17:22:58 UTC 
From: "Trent D'Hooge" <tdhooge>
To: "Travis Gummels" <tgummels>, "Jim Foraker" <foraker1>
Cc: "Ben Woodard" <woodard>
Sent: Friday, February 17, 2017 12:20:25 PM
Subject: Re: ntp bug for rhel7

looks good


[root@opal108:~]# ntpq -p
      remote           refid      st t when poll reach   delay offset  
jitter
==============================================================================
+namedhost       134.9.1.98       3 u   24   64  376    8.000 0.531   0.037
*eopal185        134.9.1.98       3 u   24   64  376    8.000 0.521   0.040
[root@opal108:~]# rpm -q ntp
ntp-4.2.6p5-26.test1422944.el7.x86_64
Note You need to log in before you can comment on or make changes to this bug.