Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

Fedora 43 ntpd-rs Critical Denial Of Service Fix CVE-2026-26076

fedora
Calendar Grey March 31, 2026
Dist Fedora Esm H88
Fedora 43 updates ntpd-rs to 1.7.1 fixing critical remote DoS risk linked to CVE-2026-26076.
Update to version 1.7.1

Summary

Full-featured implementation of NTP with NTS support.

Update Information:

Update to version 1.7.1. Includes the fix for CVE-2026-26076: https://github.com/pendulum-project/ntpd- rs/security/advisories/GHSA-c7j7-rmvr-fjmv Release notes: https://github.com/pendulum-project/ntpd-rs/releases/tag/v1.7.0 https://github.com/pendulum-project/ntpd-rs/releases/tag/v1.7.1

Change Log

* Sun Mar 22 2026 Fabio Valentini - 1.7.1-1 - Update to version 1.7.1; Fixes RHBZ#2435477

References


[ 1 ] Bug #2439602 - CVE-2026-26076 ntpd-rs: ntpd-rs: Denial of Service via malformed NTS packets requesting excessive cookies [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2439602

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cbe2315bad' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ntpd-rs
Product: Fedora 43
Version: 1.7.1
Release: 1.fc43
Summary: Full-featured implementation of NTP with NTS support

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here