CVE-2010-0294

Name of the Vulnerable Software and Affected Versions Chrony versions prior to 1.23.1 Chrony version 1.24-pre1

Description The issue allows remote attackers to cause a denial of service, specifically disk consumption, by sending a large number of invalid packets. This is because chronyd generates a syslog message for each unauthorized cmdmon packet.

Recommendations For Chrony versions prior to 1.23.1, update to version 1.23.1 or later to resolve the issue. For Chrony version 1.24-pre1, consider disabling the cmdmon packet handling functionality until a patch is available.