Bugzilla – Bug 962966
VUL-1: CVE-2015-8158: ntp,xntp: potential infinite loop in ntpq
Last modified: 2016-09-01 14:23:04 UTC
http://support.ntp.org/bin/view/Main/NtpBug2948

Summary: ntpq processes incoming packets in a loop in getresponse(). The loop's only stopping conditions are receiving a complete and correct response or hitting a small number of error conditions. If the packet contains incorrect values that don't trigger one of the error conditions, the loop continues to receive new packets.

Note well, this is an attack against an instance of ntpq, not ntpd, and this attack requires the attacker to do one of the following:

- Own a malicious NTP server that the client trusts
- Prevent a legitimate NTP server from sending packets to the ntpq client
- MITM the ntpq communications between the ntpq client and the NTP server

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1300273
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158
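The failure mode in the summary above, shown together with its mitigation as an added example (not part of the bug report and not ntpq's code): a fragment-collecting loop in which every path that reads another packet is charged against a budget. The packet layout, limits, function names and sample packets are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
/* Constructed, simplified fragment header; not the real mode 6 layout. */
struct pkt { uint16_t seq, offset, count; int more; };
typedef int (*recv_fn)(void *ctx, struct pkt *p); /* hypothetical; 0 = timeout */
enum { RESP_OK = 0, RESP_TIMEOUT = -1, RESP_GAVE_UP = -2 };
enum { MAX_DISCARDS = 8, MAX_RESPONSE = 4096 };   /* assumed limits */

/* Collect fragments for request `seq`. Every path that loops again either
 * advances toward MAX_RESPONSE or spends from the discard budget. */
int get_response(recv_fn rx, void *ctx, uint16_t seq, size_t *total)
{
    unsigned discards = 0;
    size_t expect = 0;              /* next fragment offset we accept */
    struct pkt p;
    for (;;) {
        if (!rx(ctx, &p)) return RESP_TIMEOUT;
        /* Wrong seq, out-of-order, or empty non-final fragment: none is fatal
         * alone, so without a budget the loop would simply read again. */
        if (p.seq != seq || p.offset != expect || (p.count == 0 && p.more)) {
            if (++discards > MAX_DISCARDS) return RESP_GAVE_UP;
            continue;
        }
        expect += p.count;
        if (expect > MAX_RESPONSE) return RESP_GAVE_UP;
        if (!p.more) { *total = expect; return RESP_OK; }
    }
}

/* Constructed packet sources and results for the demonstration. */
struct replay { const struct pkt *v; size_t n, i; };
size_t demo_total; unsigned demo_calls;
static int replay_rx(void *ctx, struct pkt *p) {
    struct replay *r = ctx;
    if (r->i >= r->n) return 0;
    *p = r->v[r->i++];
    return 1;
}
static int junk_rx(void *ctx, struct pkt *p) {  /* endless, wrong seq */
    ++*(unsigned *)ctx;
    *p = (struct pkt){ 0xFFFF, 0, 0, 1 };
    return 1;
}
int demo_valid(void) {
    static const struct pkt v[] = { {7,0,100,1}, {9,0,5,1}, {7,100,28,0} };
    struct replay r = { v, 3, 0 };
    return get_response(replay_rx, &r, 7, &demo_total);
}
int demo_junk(void) { demo_calls = 0; return get_response(junk_rx, &demo_calls, 7, &demo_total); }
int main(void) { return demo_valid() != RESP_OK || demo_junk() != RESP_GAVE_UP; }
```

A real client would pair the discard budget with an overall wall-clock deadline, since a slow trickle of acceptable-looking packets can otherwise keep resetting a per-receive timeout.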
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2016-02-04. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62463
bugbot adjusting priority
This is an autogenerated message for OBS integration: This bug (962966) was mentioned in https://build.opensuse.org/request/show/370038 Factory / ntp
SUSE-SU-2016:1175-1: An update that solves 12 vulnerabilities and has 8 fixes is now available. Category: security (important) Bug References: 782060,784760,916617,951559,951629,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981 CVE References: CVE-2015-5300,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158 Sources used: SUSE Linux Enterprise Server 11-SP4 (src): ntp-4.2.8p6-8.2 SUSE Linux Enterprise Debuginfo 11-SP4 (src): ntp-4.2.8p6-8.2
SUSE-SU-2016:1177-1: An update that solves 12 vulnerabilities and has 8 fixes is now available. Category: security (important) Bug References: 782060,916617,937837,951559,951629,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981 CVE References: CVE-2015-5300,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): yast2-ntp-client-3.1.22-6.2 SUSE Linux Enterprise Server 12-SP1 (src): ntp-4.2.8p6-8.2, yast2-ntp-client-3.1.22-6.2 SUSE Linux Enterprise Desktop 12-SP1 (src): ntp-4.2.8p6-8.2, yast2-ntp-client-3.1.22-6.2
SUSE-SU-2016:1247-1: An update that solves 28 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 782060,905885,910063,916617,920238,926510,936327,937837,942587,944300,946386,951559,951608,951629,954982,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981 CVE References: CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): yast2-ntp-client-3.1.12.4-8.2 SUSE Linux Enterprise Server 12 (src): ntp-4.2.8p6-46.5.2, yast2-ntp-client-3.1.12.4-8.2 SUSE Linux Enterprise Desktop 12 (src): ntp-4.2.8p6-46.5.2, yast2-ntp-client-3.1.12.4-8.2
openSUSE-SU-2016:1292-1: An update that solves 12 vulnerabilities and has 8 fixes is now available. Category: security (important) Bug References: 782060,916617,937837,951559,951629,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981 CVE References: CVE-2015-5300,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158 Sources used: openSUSE Leap 42.1 (src): ntp-4.2.8p6-15.1, yast2-ntp-client-3.1.22-6.1
SUSE-SU-2016:1311-1: An update that solves 30 vulnerabilities and has 6 fixes is now available. Category: security (important) Bug References: 782060,784760,905885,910063,916617,920183,920238,926510,936327,937837,942441,942587,943216,943218,944300,946386,951351,951559,951608,951629,954982,956773,962318,962784,962802,962960,962966,962970,962988,962994,962995,962997,963000,963002,975496,975981 CVE References: CVE-2015-5194,CVE-2015-5219,CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158 Sources used: SUSE OpenStack Cloud 5 (src): ntp-4.2.8p6-41.1 SUSE Manager Proxy 2.1 (src): ntp-4.2.8p6-41.1 SUSE Manager 2.1 (src): ntp-4.2.8p6-41.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): ntp-4.2.8p6-41.1 SUSE Linux Enterprise Server 11-SP2-LTSS (src): ntp-4.2.8p6-41.1, yast2-ntp-client-2.17.14.1-1.12.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): ntp-4.2.8p6-41.1 SUSE Linux Enterprise Debuginfo 11-SP2 (src): ntp-4.2.8p6-41.1
This is an autogenerated message for OBS integration: This bug (962966) was mentioned in https://build.opensuse.org/request/show/396591 13.2 / ntp
openSUSE-SU-2016:1423-1: An update that fixes 37 vulnerabilities is now available. Category: security (moderate) Bug References: 782060,905885,910063,916617,920238,926510,936327,942587,944300,946386,951559,951608,951629,954982,956773,957226,962318,962784,962802,962960,962966,962970,962988,962995,963000,963002,975496,977446,977450,977451,977452,977455,977457,977458,977459,977461,977464 CVE References: CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8139,CVE-2015-8140,CVE-2015-8158,CVE-2016-1547,CVE-2016-1548,CVE-2016-1549,CVE-2016-1550,CVE-2016-1551,CVE-2016-2516,CVE-2016-2517,CVE-2016-2518,CVE-2016-2519 Sources used: openSUSE 13.2 (src): ntp-4.2.8p7-25.15.1
An update workflow for this issue was started. This issue was rated as important. Please submit fixed packages until 2016-06-21. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62822
Should a FAIL for ntpd at least enable openSUSE 41.2 users to start their systems before trying to update time settings? On another machine, changing the setting to include IPv6 (while the ISP is IPv4) appeared to trigger the stall problem. Our system with the problem runs with updates until they require re-starts; we will change the batteries to see IF (flat batteries) contribute to the problem.
SUSE-SU-2016:1912-1: An update that solves 43 vulnerabilities and has 9 fixes is now available. Category: security (important) Bug References: 782060,784760,905885,910063,916617,920183,920238,920893,920895,920905,924202,926510,936327,943218,943221,944300,951351,951559,951629,952611,957226,962318,962784,962802,962960,962966,962970,962988,962995,963000,963002,975496,977450,977451,977452,977455,977457,977458,977459,977461,977464,979302,981422,982056,982064,982065,982066,982067,982068,988417,988558,988565 CVE References: CVE-2015-1798,CVE-2015-1799,CVE-2015-5194,CVE-2015-5300,CVE-2015-7691,CVE-2015-7692,CVE-2015-7701,CVE-2015-7702,CVE-2015-7703,CVE-2015-7704,CVE-2015-7705,CVE-2015-7848,CVE-2015-7849,CVE-2015-7850,CVE-2015-7851,CVE-2015-7852,CVE-2015-7853,CVE-2015-7854,CVE-2015-7855,CVE-2015-7871,CVE-2015-7973,CVE-2015-7974,CVE-2015-7975,CVE-2015-7976,CVE-2015-7977,CVE-2015-7978,CVE-2015-7979,CVE-2015-8138,CVE-2015-8158,CVE-2016-1547,CVE-2016-1548,CVE-2016-1549,CVE-2016-1550,CVE-2016-1551,CVE-2016-2516,CVE-2016-2517,CVE-2016-2518,CVE-2016-2519,CVE-2016-4953,CVE-2016-4954,CVE-2016-4955,CVE-2016-4956,CVE-2016-4957 Sources used: SUSE Linux Enterprise Server 10 SP4 LTSS (src): ntp-4.2.8p8-0.7.1
all released