CVE-2015-1799

Description

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.

How to fix CVE-2015-1799

To remediate CVE-2015-1799, upgrade the affected package to a fixed version below.

• Debian/ntp—upgrade to 1:4.2.6.p5+dfsg-6 or later

Is CVE-2015-1799 being exploited?

Low — EPSS is 0.7%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1:4.2.6.p5+dfsg-6

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2015-1799