ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allows remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via spoofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker. References: https://arxiv.org/abs/2005.01783 https://nikhiltripathi.in/NTP_attack.pdf https://security.netapp.com/advisory/ntap-20200518-0006/
Created ntp tracking bugs for this issue: Affects: fedora-all [bug 1848590]
Statement: As per the researcher, this issue only affects NTP versions 4.2.8p10 through 4.2.8p13, which are not shipped with any Red Hat products; therefore, they are not affected by this flaw.
External References: https://arxiv.org/abs/2005.01783 https://nikhiltripathi.in/NTP_attack.pdf https://security.netapp.com/advisory/ntap-20200518-0006/
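For inventory triage against the affected range stated above (4.2.8p10 through 4.2.8p13), the following added example, which is not part of the original report or of the ntp project, classifies ntpd version banners. The function names and the sample banner strings are hypothetical and constructed for illustration.

```python
import re

# Affected range as stated on this page: ntp 4.2.8p10 through 4.2.8p13.
AFFECTED_BASE = (4, 2, 8)
AFFECTED_PATCH = range(10, 14)  # p10, p11, p12, p13

# Finds "4.2.8p12" inside a longer banner; the "pNN" suffix is optional.
# The lookbehind stops a match from starting in the middle of another number.
_VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")


def parse_ntp_version(banner):
    """Return ((major, minor, micro), patch), or None if no version is found.

    A version without a "pNN" suffix is reported with patch level 0.
    """
    m = _VERSION_RE.search(banner)
    if m is None:
        return None
    base = tuple(int(g) for g in m.group(1, 2, 3))
    patch = int(m.group(4)) if m.group(4) is not None else 0
    return base, patch


def is_affected(banner):
    """True or False for a parsed version; None when nothing could be parsed,
    so unknown hosts are surfaced for manual review, not silently cleared."""
    parsed = parse_ntp_version(banner)
    if parsed is None:
        return None
    base, patch = parsed
    return base == AFFECTED_BASE and patch in AFFECTED_PATCH


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    samples = [
        "ntpd 4.2.8p12@1.3728-o",
        "4.2.8p9",
        "4.2.8p15",
        "4.2.6p5",
        "no version string here",
    ]
    for s in samples:
        print(f"{s!r}: affected={is_affected(s)}")
```

A `None` result means the banner could not be parsed and the host needs a manual check.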