PT-2020-2999
Published 2020-03-24 · Updated 2025-05-05
CVE-2020-11868 · CVSS v2.0 7.8 (High)
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
ntp versions 4.2.8 through 4.2.8p14
ntp versions 4.3.x through 4.3.100
Description
CVE-2020-11868 allows an off-path attacker to block unauthenticated synchronization of an ntpd client. A server-mode packet whose source IP address is spoofed to that of the configured server is rejected because it lacks a valid origin timestamp, but ntpd nevertheless reschedules the client's next transmission; an attacker who keeps sending such packets can therefore keep postponing the client's legitimate polls. Only unauthenticated associations are affected, and the fix for this part shipped in ntp 4.2.8p14. The same set of fixes also covers a resource-exhaustion issue, tracked separately as CVE-2020-15025: memory is not freed in certain situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file, so a remote attacker can drive up ntpd's memory consumption simply by sending packets. That leak is why the affected ranges above extend through 4.2.8p14 and 4.3.100; it was fixed in 4.2.8p15 and 4.3.101.
Recommendations
For ntp versions 4.2.8 through 4.2.8p14, update to version 4.2.8p15 or later to resolve the issue.
For ntp versions 4.3.x through 4.3.100, update to version 4.3.101 or later to resolve the issue.
As a temporary workaround, restrict access to the ntpd service (restrict entries with noquery and nopeer, plus host firewall rules) to reduce exposure. Note that source-address restrictions do not stop the off-path attack itself, because the malicious packet carries the address of the configured server; short of upgrading, the effective mitigation is to authenticate the server association with a symmetric key. On builds older than 4.2.8p15, avoid CMAC key types in ntp.keys, since a CMAC key associated with a CMAC algorithm is the condition for the memory leak.
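The following shell script is an added example and is not part of this advisory or of the ntp project. It classifies an upstream ntpd version string against the ranges given above, reads the version of the locally installed ntpd, and emits an ntp.conf fragment that turns the upstream association into an authenticated one (the off-path DoS only affects unauthenticated synchronization). The host name ntp.example.org, the key id 1 and the keys file path /etc/ntp.keys are placeholders; the version parsing assumes upstream numbering ("4.2.8pNN", "4.3.NN") and reports distribution builds that backport fixes into older version strings as unknown, since those must be checked against the vendor changelog instead.

```shell
#!/bin/sh
# Added example, not code from the advisory or from the ntp project.
# Classifies a version string as fixed / affected / unknown for the ranges in this
# advisory: 4.2.8 through 4.2.8p14 and 4.3.x through 4.3.100 are affected.

# Prints exactly one word: fixed, affected or unknown.
ntp_version_status() {
    v="$1"
    case "$v" in
        4.2.8p*)
            # "4.2.8p15@1.3728-o" -> "15": drop the prefix, then everything after the digits
            n="${v#4.2.8p}"; n="${n%%[!0-9]*}"
            [ -n "$n" ] || { echo unknown; return; }
            # off-path DoS fixed in p14, CMAC key leak fixed in p15: require p15
            if [ "$n" -ge 15 ]; then echo fixed; else echo affected; fi ;;
        4.2.8|4.2.8[!p0-9]*)
            echo affected ;;            # the plain 4.2.8 release, no patch level
        4.3.*)
            n="${v#4.3.}"; n="${n%%[!0-9]*}"
            [ -n "$n" ] || { echo unknown; return; }
            if [ "$n" -ge 101 ]; then echo fixed; else echo affected; fi ;;
        *)
            echo unknown ;;             # older branch or vendor numbering: check the changelog
    esac
}

# Version of the ntpd on this host, taken from "ntpd --version" output such as
# "ntpd 4.2.8p15@1.3728-o Tue Jun 23 ..." (prints nothing when ntpd is absent).
installed_ntp_version() {
    command -v ntpd >/dev/null 2>&1 || return 0
    ntpd --version 2>&1 | sed -n 's/^ntpd \([0-9][^ ]*\).*/\1/p' | head -n 1
}

# Emits an ntp.conf fragment for one authenticated server association.
# Arguments: server host name, key id (both placeholders chosen by the caller).
# The keys file path /etc/ntp.keys is an assumption; adjust to the host.
authenticated_server_fragment() {
    srv="$1"; kid="$2"
    cat <<EOF
# access control: serve time to nobody, accept control queries only locally
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
# symmetric-key authentication for the upstream association
keys /etc/ntp.keys
trustedkey $kid
server $srv key $kid iburst
EOF
}

# Generates the matching /etc/ntp.keys line: "<id> SHA1 <40 hex chars>".
# SHA1 rather than AES128CMAC so the setup does not exercise the CMAC memory
# leak on a host still waiting for 4.2.8p15. The same line must exist on the server.
sha1_key_line() {
    printf '%s SHA1 %s\n' "$1" "$(openssl rand -hex 20)"
}

# Example run with placeholder names (constructed; nothing here is from the advisory)
ver="$(installed_ntp_version)"
echo "installed ntpd: ${ver:-none} -> $(ntp_version_status "$ver")"
authenticated_server_fragment ntp.example.org 1
```

Source-address filtering is deliberately not offered as the mitigation for the spoofing issue: a packet forged with the server's own address passes the server's restrict entry, so only the key check rejects it. Distribution packages that carry the fix under an older version string (typical for enterprise backports) come back as unknown and should be verified from the package changelog.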
Fix
DoS
Resource Exhaustion
Origin Validation Error
Related Identifiers
Affected Products
ALT Linux
Astra Linux
CentOS
IBM AIX
Red Hat
RED OS
SUSE
NTP