The following flaw was found in ntpd:
A potential buffer overflow vulnerability exists in the refclock of ntpd. An invalid length provided by a hardware reference clock could cause a buffer overflow potentially resulting in memory being modified. A malicious reflock could provide a negative length to trigger this vulnerability.
Created ntp tracking bugs for this issue:
Affects: fedora-all [bug 1296163]
This issue did not affect the versions of ntp as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they do not include the custom refclock driver.