Advisories ยป MGASA-2018-0195

Updated ntp packages fix security vulnerabilities

Publication date: 06 Apr 2018
Modification date: 06 Apr 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2016-1549 , CVE-2018-7182 , CVE-2018-7170 , CVE-2018-7184 , CVE-2018-7185 , CVE-2018-7183

Description

This release addresses five security issues in ntpd for Mageia 6:

LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability:
ephemeral association attack While fixed in ntp-4.2.8p7, there are
significant additional protections for this issue in 4.2.8p11.
Reported by Matt Van Gundy of Cisco.

INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer
read overrun leads to undefined behavior and information leak
Reported by Yihan Lian of Qihoo 360.

LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated
ephemeral associations. Reported on the questions@ list.

LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode
cannot recover from bad state. Reported by Miroslav Lichvar of Red Hat.

LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet
can reset authenticated interleaved association.
Reported by Miroslav Lichvar of Red Hat.

one security issue in ntpq:
MEDIUM: Sec 3414 / CVE-2018-7183 / VU#961909: ntpq:decodearr() can write
beyond its buffer limit. Reported by Michael Macnair of Thales-esecurity.com.

and provides over 33 bugfixes and 32 other improvements. ENotification
of these issues were delivered to our Institutional members on a rolling
basis as they were reported and as progress was made.

References

SRPMS

6/core