CVE-2015-1821

chrony < 1.31 - Authenticated Heap-based Buffer Overflow via NTP or cmdmon Subnet Configuration

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.

References (5)

Core 5
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3222
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/73955
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201507-01

Scores

EPSS 0.0344
EPSS Percentile 87.6%

Details

CWE
CWE-119
Status published
Products (2)
debian/debian_linux 7.0
tuxfamily/chrony < 1.31
Published Apr 16, 2015
Tracked Since Feb 18, 2026