Miroslav Lichvar

**Name of the Vulnerable Software and Affected Versions** NTPsec version 1.2.0 **Description** The issue is related to the ntpkeygen component of the NTPsec protocol implementation, which can generate keys that ntpd fails to parse. This occurs when ntpkeygen generates keys containing '#' characters, causing ntpd to either pad, shorten the key, or fail to load these keys entirely. The result is that administrators may not be able to use the keys as expected, or the keys may be shorter than expected and easier to brute-force, potentially leading to man-in-the-middle (MITM) attacks between ntp clients and ntp servers. **Recommendations** For NTPsec version 1.2.0, consider avoiding the use of keys generated with '#' characters until a patch is available. As a temporary workaround, restrict the generation of keys to those that do not contain '#' characters to minimize the risk of exploitation. Additionally, monitor ntpd warnings for short AES128 keys being padded, and take necessary measures to ensure key security. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** linuxptp versions before 3.1.1 linuxptp versions before 2.0.1 linuxptp versions before 1.9.3 linuxptp versions before 1.8.1 linuxptp versions before 1.7.1 linuxptp versions before 1.6.1 linuxptp versions before 1.5.1 **Description** A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. **Recommendations** For versions before 3.1.1, update to version 3.1.1 or later. For versions before 2.0.1, update to version 2.0.1 or later. For versions before 1.9.3, update to version 1.9.3 or later. For versions before 1.8.1, update to version 1.8.1 or later. For versions before 1.7.1, update to version 1.7.1 or later. For versions before 1.6.1, update to version 1.6.1 or later. For versions before 1.5.1, update to version 1.5.1 or later.

**Name of the Vulnerable Software and Affected Versions** ntp versions 4.2.8p4 through 4.2.8p10 **Description** The issue is related to errors in processing input data in the ntpd implementation of the NTP protocol. Exploitation of this issue can allow a remote attacker to cause a denial of service by sending specially crafted packets. This can disrupt the service by resetting the association and setting the packet's contents as the most recent timestamp. The problem arises from an incomplete fix for a previous issue. Additionally, the vulnerability can be exploited by creating multiple ephemeral associations to win the clock selection of ntpd, allowing an attacker to modify a victim's clock. **Recommendations** For ntp versions 4.2.8p4 through 4.2.8p10, update to version 4.2.8p11 or later to resolve the issue. As a temporary workaround, consider restricting access to the ntpd service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ntp versions 4.2.6 through 4.2.8p10 **Description** The issue is related to the implementation of the NTP protocol, specifically with insufficient input validation. This can be exploited by a remote attacker to cause a denial of service by sending specially crafted packets. The protocol engine in ntp allows a remote attacker to disrupt the service by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association, causing the victim ntpd to reset its association. Additionally, the failure to prevent Sybil attacks from authenticated peers can allow an attacker to bypass security restrictions and modify a victim's clock by creating multiple ephemeral associations. **Recommendations** For ntp versions 4.2.6 through 4.2.8p10, update to version 4.2.8p11 or later to resolve the issue. As a temporary workaround, consider restricting access to the ntp service to minimize the risk of exploitation. Avoid using the `ntp` service until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** NTP versions prior to 4.2.8p9 **Description** The issue allows remote attackers to cause a denial of service by sending responses with a spoofed source address, preventing responses from the configured sources when rate limiting for all associations is enabled. **Recommendations** For versions prior to 4.2.8p9, update to version 4.2.8p9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NTP versions prior to 4.2.8p9 Cisco products (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service by sending a response for a source to an interface the source does not use. Multiple vulnerabilities in the Network Time Protocol daemon package could allow an unauthenticated, remote attacker to cause a denial of service condition or modify the time being advertised by a device acting as a Network Time Protocol server. These vulnerabilities include issues related to denial of service and logic problems that may allow an attacker to shift a system's time. **Recommendations** For NTP versions prior to 4.2.8p9, update to version 4.2.8p9 or later to resolve the issue. For Cisco products, refer to the Cisco bug for each affected product to find available workarounds that address one or more of these vulnerabilities. As a temporary workaround, consider restricting access to the NTP service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NTP versions 4.x before 4.2.8p8 **Description** The issue allows remote attackers to cause a denial of service by sending a spoofed crypto-NAK packet or a packet with an incorrect MAC value at a certain time when autokey is enabled. This can lead to peer-variable clearing and association outage. Multiple Cisco products that incorporate a version of the Network Time Protocol daemon package are affected, potentially allowing an unauthenticated, remote attacker to cause a denial of service condition or modify the time being advertised by a device acting as a Network Time Protocol server. **Recommendations** For NTP versions 4.x before 4.2.8p8, update to version 4.2.8p8 or later to resolve the issue. As a temporary workaround, consider disabling the autokey feature until a patch is available. Restrict access to the NTP server to minimize the risk of exploitation. Avoid using the autokey feature in the affected NTP version until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** NTP versions prior to 4.2.8p8 **Description** The issue allows remote attackers to cause a denial of service or modify the time being advertised by a device acting as a Network Time Protocol server via a spoofed broadcast packet. This is due to an incomplete fix for a previous issue. Multiple vulnerabilities exist, including Network Time Protocol CRYPTO-NAK Denial of Service, Network Time Protocol Bad Authentication, Network Time Protocol Processing Spoofed Server Packets, Network Time Protocol Autokey Association Reset, and Network Time Protocol Broadcast Interleave. **Recommendations** For versions prior to 4.2.8p8, update to version 4.2.8p8 or later to resolve the issue. As a temporary workaround, consider restricting access to the `ntpd` package to minimize the risk of exploitation. Additionally, workarounds may be available and documented in the Cisco bug for each affected product.

**Name of the Vulnerable Software and Affected Versions** NTP versions 4.x before 4.2.8p8 **Description** The issue allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time. Multiple Cisco products that incorporate a version of the Network Time Protocol daemon (ntpd) package are affected, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server. **Recommendations** For NTP versions 4.x before 4.2.8p8, update to version 4.2.8p8 or later to resolve the issue. As a temporary workaround, consider restricting access to the `ntpd` package to minimize the risk of exploitation. Avoid using the `crypto-NAK` packet in the affected NTP protocol until the issue is resolved. Restrict access to the vulnerable `ntpd` package to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NTP versions 4.2.8p4 and earlier NTPSec version aa48d001683e5b791a743ec9c575aaf7d867a2b0c **Description** An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the `peer->dst` timestamp recorded for that server. This allows the attacker to change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode. After making this switch, the client will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. **Recommendations** For NTP versions 4.2.8p4 and earlier, consider updating to a newer version to mitigate the risk. For NTPSec version aa48d001683e5b791a743ec9c575aaf7d867a2b0c, consider updating to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the `ntpd` server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** chrony versions prior to 1.31.1 **Description** The issue allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via a large number of command requests, due to the failure to initialize the last "next" pointer when saving unacknowledged replies to command requests. This can lead to an uninitialized pointer dereference and daemon crash. **Recommendations** For versions prior to 1.31.1, update to version 1.31.1 or later to resolve the issue. As a temporary workaround, consider restricting the number of command requests to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** chrony versions prior to 1.31.1 **Description** The issue allows remote authenticated users to cause a denial of service or possibly execute arbitrary code by configuring NTP or cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder. **Recommendations** For versions prior to 1.31.1, update to version 1.31.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the NTP and cmdmon configurations to minimize the risk of exploitation. Avoid using subnet sizes that are indivisible by four and addresses with nonzero bits in the subnet remainder in the affected configurations until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ntpd versions 4.x through 4.2.8p1 **Description** The issue allows man-in-the-middle attackers to spoof packets by omitting the MAC, making it easier to launch attacks. This is due to the symmetric-key feature in the receive function requiring a correct MAC only if the MAC field has a nonzero length. **Recommendations** For ntpd versions 4.x through 4.2.8p1, update to version 4.2.8p2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NTP versions prior to 4.2.7p366 **Description** The issue allows remote attackers to cause a denial of service, potentially via a crafted NTP packet. This is due to improper type conversions from a precision value to a double in the ULOGTOD function in ntp.d in SNTP. Additionally, the decodenetnum() function may cause a denial of service when encountering invalid values instead of returning FAIL. **Recommendations** For versions prior to 4.2.7p366, update to version 4.2.7p366 or later to resolve the issue. As a temporary workaround, consider restricting access to the NTP service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NTP versions 3.x through 4.2.8p1 NTP version 4.2.8p2 is not affected, as it is the fixed version, so all versions prior to 4.2.8p2 are vulnerable. **Description** The issue allows man-in-the-middle attackers to cause a denial of service, specifically synchronization loss, by spoofing the source IP address of a peer. This is due to the symmetric-key feature in the receive function performing state-variable updates upon receiving certain invalid packets. An attacker could exploit this by sending specially-crafted packets to both peering hosts, preventing synchronization. **Recommendations** For NTP versions 3.x through 4.2.8p1, update to version 4.2.8p2 or later to resolve the issue. As a temporary workaround, consider restricting access to the symmetric key authentication feature until a patch is available. Avoid using symmetric key authentication in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Chrony versions prior to 1.23.1 **Description** The issue concerns the client logging functionality in chronyd, which does not limit the memory used for storing client information. This allows remote attackers to cause a denial of service by consuming memory via spoofed NTP or cmdmon packets. **Recommendations** For versions prior to 1.23.1, update to version 1.23.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the chronyd service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Chrony versions prior to 1.23.1 Chrony version 1.24-pre1 **Description** The issue allows remote attackers to cause a denial of service, specifically disk consumption, by sending a large number of invalid packets. This is because chronyd generates a syslog message for each unauthorized cmdmon packet. **Recommendations** For Chrony versions prior to 1.23.1, update to version 1.23.1 or later to resolve the issue. For Chrony version 1.24-pre1, consider disabling the cmdmon packet handling functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Chrony versions prior to 1.23.1 Chrony version 1.24-pre1 **Description** The issue allows remote attackers to cause a denial of service by sending a spoofed cmdmon packet, triggering a continuous exchange of NOHOSTACCESS messages between two daemons. **Recommendations** For Chrony versions prior to 1.23.1, update to version 1.23.1 or later to resolve the issue. For Chrony version 1.24-pre1, update to a newer version to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mutt version 1.5.19 **Description** The issue allows remote attackers to spoof trusted servers via a man-in-the-middle attack because it only verifies one TLS certificate in the chain instead of the entire chain. This can occur when Mutt is linked against either OpenSSL or GnuTLS. **Recommendations** For Mutt version 1.5.19, consider updating to a version that properly verifies the entire TLS certificate chain to prevent man-in-the-middle attacks. As a temporary workaround, restrict access to sensitive information until a patch is available.

**Name of the Vulnerable Software and Affected Versions** newt versions 0.51.5 through 0.52.2 newt-devel versions 0.51.5 through 0.52.2 libnewt0 versions prior to 0.52.10-r1 libnewt-dev versions prior to 0.52.10-r1 libnewt-pic versions prior to 0.52.10-r1 **Description** The issue is related to a heap-based buffer overflow in the textbox.c file of the newt package, which can be exploited locally to cause a denial of service or possibly execute arbitrary code via a crafted text dialog box request. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation can be carried out by a local attacker. **Recommendations** For newt versions 0.51.5 through 0.52.2, update to version 0.52.10-r1 or later. For newt-devel versions 0.51.5 through 0.52.2, update to version 0.52.10-r1 or later. For libnewt0, libnewt-dev, and libnewt-pic versions prior to 0.52.10-r1, update to version 0.52.10-r1 or later. As a temporary workaround, consider restricting access to the vulnerable newt package until a patch is available.