Debian Security Advisory
DSA-3222-1 chrony -- security update
- Date Reported:
- 12 Apr 2015
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 782160.
In Mitre's CVE dictionary: CVE-2015-1821, CVE-2015-1822, CVE-2015-1853.
- More information:
Miroslav Lichvar of Red Hat discovered multiple vulnerabilities in chrony, an alternative NTP client and server:
Using particular address/subnet pairs when configuring access control would cause an invalid memory write. This could allow attackers to cause a denial of service (crash) or execute arbitrary code.
When allocating memory to save unacknowledged replies to authenticated command requests, a pointer would be left uninitialized, which could trigger an invalid memory write. This could allow attackers to cause a denial of service (crash) or execute arbitrary code.
When peering with other NTP hosts using authenticated symmetric association, the internal state variables would be updated before the MAC of the NTP messages was validated. This could allow a remote attacker to cause a denial of service by impeding synchronization between NTP peers.
For the stable distribution (wheezy), these problems have been fixed in version 1.24-3.1+deb7u3.
For the unstable distribution (sid), these problems have been fixed in version 1.30-2.
We recommend that you upgrade your chrony packages.