EIP-2026-102664

PRE-CVE

Linux NTP query client 4.2.6p1 - Heap Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102664. PoCs published by mr_me.

AI-analyzed exploit summary This is a writeup detailing a local heap overflow vulnerability in the ntpq utility (version 4.2.6p1) that allows for potential control of registers (EDX, ESI) and execution flow redirection. The analysis includes GDB output showing the crash and register states, but no functional exploit code is provided.

Description

Linux NTP query client 4.2.6p1 - Heap Overflow

Exploits (1)

exploitdb WRITEUP VERIFIED

by mr_me · textdoslinux

https://www.exploit-db.com/exploits/16960

View Code ZIP pw:eip

This is a writeup detailing a local heap overflow vulnerability in the ntpq utility (version 4.2.6p1) that allows for potential control of registers (EDX, ESI) and execution flow redirection. The analysis includes GDB output showing the crash and register states, but no functional exploit code is provided.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: ntpq (NTP query client) v4.2.6p1

No auth needed

Prerequisites: Local access to the system · ntpq binary installed

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026