MGASA-2020-0281 - Updated ntp packages fix security vulnerability Publication date: 05 Jul 2020 URL: https://advisories.mageia.org/MGASA-2020-0281.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-15025 Updated ntp packages fix security vulnerability: ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file (CVE-2020-15025) References: - https://bugs.mageia.org/show_bug.cgi?id=26851 - http://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea - http://support.ntp.org/bin/view/Main/NtpBug3661 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15025 SRPMS: - 7/core/ntp-4.2.8p15-1.mga7
Mageia 2020-0281: ntp security update
Updated ntp packages fix security vulnerability: ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumptio...
Summary
Updated ntp packages fix security vulnerability:
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote
attackers to cause a denial of service (memory consumption) by sending
packets, because memory is not freed in situations where a CMAC key is
used and associated with a CMAC algorithm in the ntp.keys file
(CVE-2020-15025)
References
- https://bugs.mageia.org/show_bug.cgi?id=26851
- http://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea
- http://support.ntp.org/bin/view/Main/NtpBug3661
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15025
Resolution
MGASA-2020-0281 - Updated ntp packages fix security vulnerability
SRPMS
- 7/core/ntp-4.2.8p15-1.mga7
Severity
Publication date: 05 Jul 2020
URL: https://advisories.mageia.org/MGASA-2020-0281.html
Type: security
CVE: CVE-2020-15025
News
HOWTOs
Features
About Us
Powered By
