GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Tue Mar 19, 2019 3:26 am Post subject: [ glsa 201903-15 ] ntp |
|
|
Gentoo Linux Security Advisory
Title: NTP: Multiple vulnerabilities (GLSA 201903-15)
Severity: normal
Exploitable: remote
Date: 2019-03-19
Bug(s): #658576, #679742
ID: 201903-15
Synopsis
Multiple vulnerabilities have been found in NTP, the worst of which
could result in the remote execution of arbitrary code.
Background
NTP contains software for the Network Time Protocol.
Affected Packages
Package: net-misc/ntp
Vulnerable: < 4.2.8_p13
Unaffected: >= 4.2.8_p13
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in NTP. Please review the
CVE identifiers referenced below for details.
Impact
An attacker could cause a Denial of Service condition, escalate
privileges, or remotely execute arbitrary code.
Workaround
There is no known workaround at this time.
Resolution
All NTP users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8_p13"
|
References
CVE-2018-12327
CVE-2019-8936 |
|