CVE-2025-58066

Name of the Vulnerable Software and Affected Versions ntpd-rs versions 1.2.0 through 1.6.1

Description ntpd-rs, a tool for synchronizing a computer's clock implementing the NTP and NTS protocols, contains a denial of service issue. When configured as a server, the software incorrectly responds to all NTP messages, including those from other servers. This can lead to a message storm between two ntpd-rs servers, consuming significant resources. Client-only configurations are not affected.

Recommendations Upgrade to version 1.6.2 as soon as possible. If upgrading is not possible, mitigate the issue by whitelisting access to only client IP addresses using the ignore filter method. Block incoming non-request traffic on the NTP server port using a firewall. Disable public access to the vulnerable NTP server. Disable the server functionality by removing any [server] sections from the configuration.