Oval Definition:oval:com.redhat.rhsa:def:20170252
Revision Date:2017-02-06Version:638
Title:RHSA-2017:0252: ntp security update (Moderate)
Description:The Network Time Protocol (NTP) is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service.

Security Fix(es):

  • It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A remote attacker who knows the sources can cause a denial of service by preventing ntpd from accepting valid responses from its sources. (CVE-2016-7426)

  • A flaw was found in the control mode functionality of ntpd. A remote attacker could send a crafted control mode packet which could lead to information disclosure or result in DDoS amplification attacks. (CVE-2016-9310)

  • A flaw was found in the way ntpd implemented the trap service. A remote attacker could send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service. (CVE-2016-9311)

  • A flaw was found in the way ntpd running on a host with multiple network interfaces handled certain server responses. A remote attacker could use this flaw which would cause ntpd to not synchronize with the source. (CVE-2016-7429)

  • A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash. (CVE-2016-7433)
    • Family:unixClass:patch
    Status:Reference(s):CVE-2016-7426
    CVE-2016-7429
    CVE-2016-7433
    CVE-2016-9310
    CVE-2016-9311
    RHSA-2017:0252
    RHSA-2017:0252-00
    RHSA-2017:0252-01
    RHSA-2017:0252-01
    Platform(s):Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • ntp is earlier than 0:4.2.6p5-10.el6_8.2
  • AND ntp is signed with Red Hat redhatrelease2 key
  • ntp-doc is earlier than 0:4.2.6p5-10.el6_8.2
  • AND ntp-doc is signed with Red Hat redhatrelease2 key
  • ntp-perl is earlier than 0:4.2.6p5-10.el6_8.2
  • AND ntp-perl is signed with Red Hat redhatrelease2 key
  • ntpdate is earlier than 0:4.2.6p5-10.el6_8.2
  • AND ntpdate is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • ntp is earlier than 0:4.2.6p5-25.el7_3.1
  • AND ntp is signed with Red Hat redhatrelease2 key
  • ntp-doc is earlier than 0:4.2.6p5-25.el7_3.1
  • AND ntp-doc is signed with Red Hat redhatrelease2 key
  • ntp-perl is earlier than 0:4.2.6p5-25.el7_3.1
  • AND ntp-perl is signed with Red Hat redhatrelease2 key
  • ntpdate is earlier than 0:4.2.6p5-25.el7_3.1
  • AND ntpdate is signed with Red Hat redhatrelease2 key
  • sntp is earlier than 0:4.2.6p5-25.el7_3.1
  • AND sntp is signed with Red Hat redhatrelease2 key
    • BACK