Description
In NTP before 4.2.8p5, the panic_gate check is re-enabled only after the first change to the system clock that was greater than 128 milliseconds by default. This allows remote attackers to set NTP to an arbitrary time when it is started with the -g option, or otherwise to alter the time by up to 900 seconds, by responding to an unspecified number of requests from trusted sources and leveraging a resulting denial of service (abort and restart).
References (39)
http://rhn.redhat.com/errata/RHSA-2015-1930.html [Third Party Advisory; vendor-advisory; x_refsource_redhat]
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
http://seclists.org/bugtraq/2016/Feb/164 [Mailing List, Third Party Advisory; mailing-list; x_refsource_mlist]
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html [Third Party Advisory; x_refsource_confirm]
http://www.ubuntu.com/usn/USN-2783-1 [Third Party Advisory; vendor-advisory; x_refsource_ubuntu]
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01 [Third Party Advisory, US Government Resource; x_refsource_misc]
https://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html [Third Party Advisory; x_refsource_confirm]
http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit [Issue Tracking, Patch, Vendor Advisory; x_refsource_confirm]
https://bugzilla.redhat.com/show_bug.cgi?id=1271076 [Issue Tracking; x_refsource_confirm]
https://www-01.ibm.com/support/docview.wss?uid=swg21980676 [Third Party Advisory; x_refsource_confirm]
https://support.citrix.com/article/CTX220112 [Third Party Advisory; x_refsource_confirm]
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html [Third Party Advisory; vendor-advisory; x_refsource_fedora]
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428 [Third Party Advisory; x_refsource_confirm]
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170684.html [Third Party Advisory; vendor-advisory; x_refsource_fedora]
http://www.debian.org/security/2015/dsa-3388 [Third Party Advisory; vendor-advisory; x_refsource_debian]
https://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html [Third Party Advisory; x_refsource_confirm]
http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc [Third Party Advisory; x_refsource_confirm]
https://www.cs.bu.edu/~goldbe/NTPattack.html [Third Party Advisory; x_refsource_misc]
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html [Third Party Advisory; vendor-advisory; x_refsource_fedora]
http://www.securitytracker.com/id/1034670 [Third Party Advisory, VDB Entry; vdb-entry; x_refsource_sectrack]
https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073 [Third Party Advisory; x_refsource_confirm]
http://www.securityfocus.com/bid/77312 [Third Party Advisory, VDB Entry; vdb-entry; x_refsource_bid]
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:02.ntp.asc [Third Party Advisory; vendor-advisory; x_refsource_freebsd]
https://www-01.ibm.com/support/docview.wss?uid=swg21979393 [Third Party Advisory; x_refsource_confirm]
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264 [Third Party Advisory; x_refsource_confirm]
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885 [Third Party Advisory; x_refsource_confirm]
https://bto.bluecoat.com/security-advisory/sa113 [Third Party Advisory; x_refsource_confirm]
https://www-01.ibm.com/support/docview.wss?uid=swg21983501 [Third Party Advisory; x_refsource_confirm]
https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821 [Third Party Advisory; x_refsource_confirm]
http://support.ntp.org/bin/view/Main/NtpBug2956 [Issue Tracking, Patch, Vendor Advisory; x_refsource_confirm]
https://www-01.ibm.com/support/docview.wss?uid=swg21983506 [Third Party Advisory; x_refsource_confirm]
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html [Third Party Advisory; vendor-advisory; x_refsource_suse]
https://security.netapp.com/advisory/ntap-20171004-0001/ [Vendor Advisory; x_refsource_confirm]
Scores
CVSS v3: 7.5
EPSS: 0.3684
EPSS Percentile: 97.2%
Attack Vector: NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE: CWE-361
Status: published
Products (32)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 15.04
canonical/ubuntu_linux 15.10
debian/debian_linux 7.0
debian/debian_linux 8.0
fedoraproject/fedora 21
fedoraproject/fedora 22
ntp/ntp < 4.2.8
opensuse/leap 42.1
... and 22 more
Published: Jul 21, 2017
Tracked Since: Feb 18, 2026