Bug 1970043 (CVE-2021-22212) - CVE-2021-22212 ntpsec: ntpkeygen can generate keys that ntpd fails to parse
Summary: CVE-2021-22212 ntpsec: ntpkeygen can generate keys that ntpd fails to parse
Keywords:
Status: CLOSED UPSTREAM
Alias: CVE-2021-22212
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1955859
Blocks: 1970446
TreeView+ depends on / blocked
 
Reported: 2021-06-09 17:04 UTC by Guilherme de Almeida Suckevicz
Modified: 2021-06-10 13:45 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-06-09 21:04:03 UTC
Embargoed:

Attachments (Terms of Use)

Description Guilherme de Almeida Suckevicz 2021-06-09 17:04:34 UTC 
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the '#'. This results in the administrator not being able to use the keys as expected or the keys are shorter than expected and easier to brute-force, possibly resulting in MITM attacks between ntp clients and ntp servers. For short AES128 keys, ntpd generates a warning that it is padding them.

Reference:
https://gitlab.com/NTPsec/ntpsec/-/issues/699
Comment 1 Guilherme de Almeida Suckevicz 2021-06-09 17:07:34 UTC 
Created ntpsec tracking bugs for this issue:

Affects: fedora-34 [bug 1955859]
Comment 2 Product Security DevOps Team 2021-06-09 21:04:03 UTC 
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.
Note You need to log in before you can comment on or make changes to this bug.