CVE-2018-7185

Name of the Vulnerable Software and Affected Versions ntp versions 4.2.6 through 4.2.8p10

Description The issue is related to the implementation of the NTP protocol, specifically with insufficient input validation. This can be exploited by a remote attacker to cause a denial of service by sending specially crafted packets. The protocol engine in ntp allows a remote attacker to disrupt the service by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association, causing the victim ntpd to reset its association. Additionally, the failure to prevent Sybil attacks from authenticated peers can allow an attacker to bypass security restrictions and modify a victim's clock by creating multiple ephemeral associations.

Recommendations For ntp versions 4.2.6 through 4.2.8p10, update to version 4.2.8p11 or later to resolve the issue. As a temporary workaround, consider restricting access to the ntp service to minimize the risk of exploitation. Avoid using the ntp service until the issue is resolved.