usn-3349-1
Vulnerability from osv_ubuntu
Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-2519)
Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed addresses when performing rate limiting. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7426)
Matthew Van Gundy discovered that NTP incorrectly handled certain crafted broadcast mode packets. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7427, CVE-2016-7428)
Miroslav Lichvar discovered that NTP incorrectly handled certain responses. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7429)
Sharon Goldberg and Aanchal Malhotra discovered that NTP incorrectly handled origin timestamps of zero. A remote attacker could possibly use this issue to bypass the origin timestamp protection mechanism. This issue only affected Ubuntu 16.10. (CVE-2016-7431)
Brian Utterback, Sharon Goldberg and Aanchal Malhotra discovered that NTP incorrectly performed initial sync calculations. This issue only applied to Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7433)
Magnus Stubman discovered that NTP incorrectly handled certain mrulist queries. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7434)
Matthew Van Gund discovered that NTP incorrectly handled origin timestamp checks. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu Ubuntu 16.10, and Ubuntu 17.04. (CVE-2016-9042)
Matthew Van Gundy discovered that NTP incorrectly handled certain control mode packets. A remote attacker could use this issue to set or unset traps. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9310)
Matthew Van Gundy discovered that NTP incorrectly handled the trap service. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9311)
It was discovered that NTP incorrectly handled memory when processing long variables. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2017-6458)
It was discovered that NTP incorrectly handled memory when processing long variables. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. (CVE-2017-6460)
It was discovered that the NTP legacy DPTS refclock driver incorrectly handled the /dev/datum device. A local attacker could possibly use this issue to cause a denial of service. (CVE-2017-6462)
It was discovered that NTP incorrectly handled certain invalid settings in a :config directive. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2017-6463)
It was discovered that NTP incorrectly handled certain invalid mode configuration directives. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2017-6464)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2016-7426",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7427",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7428",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7429",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-9310",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-9311",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6458",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "negligible",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6462",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "negligible",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6463",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6464",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:14.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ntp",
"binary_version": "1:4.2.6.p5+dfsg-3ubuntu2.14.04.11"
},
{
"binary_name": "ntpdate",
"binary_version": "1:4.2.6.p5+dfsg-3ubuntu2.14.04.11"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "ntp",
"purl": "pkg:deb/ubuntu/ntp@1:4.2.6.p5+dfsg-3ubuntu2.14.04.11?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2.6.p5+dfsg-3ubuntu2.14.04.11"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.2.6.p5+dfsg-3ubuntu2",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.1",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.2",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.3",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.5",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.6",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.7",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.8",
"1:4.2.6.p5+dfsg-3ubuntu2.14.04.10"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2016-2519",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7426",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7427",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7428",
"severity": [
{
"score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7429",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7433",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-7434",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-9310",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2016-9311",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6458",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "negligible",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6460",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6462",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "negligible",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6463",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2017-6464",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "low",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:16.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ntp",
"binary_version": "1:4.2.8p4+dfsg-3ubuntu5.5"
},
{
"binary_name": "ntpdate",
"binary_version": "1:4.2.8p4+dfsg-3ubuntu5.5"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "ntp",
"purl": "pkg:deb/ubuntu/ntp@1:4.2.8p4+dfsg-3ubuntu5.5?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:4.2.8p4+dfsg-3ubuntu5.5"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"1:4.2.6.p5+dfsg-3ubuntu8",
"1:4.2.6.p5+dfsg-3ubuntu8.1",
"1:4.2.6.p5+dfsg-3ubuntu9",
"1:4.2.8p4+dfsg-3ubuntu1",
"1:4.2.8p4+dfsg-3ubuntu2",
"1:4.2.8p4+dfsg-3ubuntu3",
"1:4.2.8p4+dfsg-3ubuntu4",
"1:4.2.8p4+dfsg-3ubuntu5",
"1:4.2.8p4+dfsg-3ubuntu5.1",
"1:4.2.8p4+dfsg-3ubuntu5.2",
"1:4.2.8p4+dfsg-3ubuntu5.3",
"1:4.2.8p4+dfsg-3ubuntu5.4"
]
}
],
"aliases": [],
"details": "Yihan Lian discovered that NTP incorrectly handled certain large request\ndata values. A remote attacker could possibly use this issue to cause NTP\nto crash, resulting in a denial of service. This issue only affected\nUbuntu 16.04 LTS. (CVE-2016-2519)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain spoofed\naddresses when performing rate limiting. A remote attacker could possibly\nuse this issue to perform a denial of service. This issue only affected\nUbuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7426)\n\nMatthew Van Gundy discovered that NTP incorrectly handled certain crafted\nbroadcast mode packets. A remote attacker could possibly use this issue to\nperform a denial of service. This issue only affected Ubuntu 14.04 LTS,\nUbuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7427, CVE-2016-7428)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain responses.\nA remote attacker could possibly use this issue to perform a denial of\nservice. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and\nUbuntu 16.10. (CVE-2016-7429)\n\nSharon Goldberg and Aanchal Malhotra discovered that NTP incorrectly\nhandled origin timestamps of zero. A remote attacker could possibly use\nthis issue to bypass the origin timestamp protection mechanism. This issue\nonly affected Ubuntu 16.10. (CVE-2016-7431)\n\nBrian Utterback, Sharon Goldberg and Aanchal Malhotra discovered that NTP\nincorrectly performed initial sync calculations. This issue only applied\nto Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7433)\n\nMagnus Stubman discovered that NTP incorrectly handled certain mrulist\nqueries. A remote attacker could possibly use this issue to cause NTP to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n16.04 LTS and Ubuntu 16.10. (CVE-2016-7434)\n\nMatthew Van Gund discovered that NTP incorrectly handled origin timestamp\nchecks. A remote attacker could possibly use this issue to perform a denial\nof service. This issue only affected Ubuntu Ubuntu 16.10, and Ubuntu 17.04.\n(CVE-2016-9042)\n\nMatthew Van Gundy discovered that NTP incorrectly handled certain control\nmode packets. A remote attacker could use this issue to set or unset traps.\nThis issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu\n16.10. (CVE-2016-9310)\n\nMatthew Van Gundy discovered that NTP incorrectly handled the trap service.\nA remote attacker could possibly use this issue to cause NTP to crash,\nresulting in a denial of service. This issue only applied to Ubuntu 14.04\nLTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9311)\n\nIt was discovered that NTP incorrectly handled memory when processing long\nvariables. A remote authenticated user could possibly use this issue to\ncause NTP to crash, resulting in a denial of service. (CVE-2017-6458)\n\nIt was discovered that NTP incorrectly handled memory when processing long\nvariables. A remote authenticated user could possibly use this issue to\ncause NTP to crash, resulting in a denial of service. This issue only\napplied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. (CVE-2017-6460)\n\nIt was discovered that the NTP legacy DPTS refclock driver incorrectly\nhandled the /dev/datum device. A local attacker could possibly use this\nissue to cause a denial of service. (CVE-2017-6462)\n\nIt was discovered that NTP incorrectly handled certain invalid settings\nin a :config directive. A remote authenticated user could possibly use\nthis issue to cause NTP to crash, resulting in a denial of service.\n(CVE-2017-6463)\n\nIt was discovered that NTP incorrectly handled certain invalid mode\nconfiguration directives. A remote authenticated user could possibly use\nthis issue to cause NTP to crash, resulting in a denial of service.\n(CVE-2017-6464)\n",
"id": "USN-3349-1",
"modified": "2026-02-10T04:41:09Z",
"published": "2017-07-05T18:19:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-3349-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-2519"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-7426"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-7427"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-7428"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-7429"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-7431"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-7433"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-7434"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-9042"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-9310"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-9311"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2017-6458"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2017-6460"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2017-6462"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2017-6463"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2017-6464"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "ntp vulnerabilities",
"upstream": [
"UBUNTU-CVE-2016-2519",
"UBUNTU-CVE-2016-7426",
"UBUNTU-CVE-2016-7427",
"UBUNTU-CVE-2016-7428",
"UBUNTU-CVE-2016-7429",
"UBUNTU-CVE-2016-7431",
"UBUNTU-CVE-2016-7433",
"UBUNTU-CVE-2016-7434",
"UBUNTU-CVE-2016-9042",
"UBUNTU-CVE-2016-9310",
"UBUNTU-CVE-2016-9311",
"UBUNTU-CVE-2017-6458",
"UBUNTU-CVE-2017-6460",
"UBUNTU-CVE-2017-6462",
"UBUNTU-CVE-2017-6463",
"UBUNTU-CVE-2017-6464"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.