security issues in ntp

Bug #1404648 reported by Ralf Hildebrandt
This bug affects 2 people
Affects        Status         Importance   Assigned to        Milestone
ntp (Ubuntu)   Fix Released   Medium       Unassigned
Lucid          Fix Released   Medium       Marc Deslauriers
Precise        Fix Released   Medium       Marc Deslauriers
Trusty         Fix Released   Medium       Marc Deslauriers
Utopic         Fix Released   Medium       Marc Deslauriers

Bug Description

http://support.ntp.org/bin/view/Main/SecurityNotice
lists 4 issues:

Buffer overflow in crypto_recv()
References: Sec 2667 / CVE-2014-9295 / VU#852879
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
Versions: All releases before 4.2.8
Date Resolved: Stable (4.2.8) 18 Dec 2014

Buffer overflow in ctl_putdata()
References: Sec 2668 / CVE-2014-9295 / VU#852879
Versions: All NTP4 releases before 4.2.8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
Date Resolved: Stable (4.2.8) 18 Dec 2014

Buffer overflow in configure()
References: Sec 2669 / CVE-2014-9295 / VU#852879
Versions: All NTP4 releases before 4.2.8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
Date Resolved: Stable (4.2.8) 18 Dec 2014

receive(): missing return on error
References: Sec 2670 / CVE-2014-9296 / VU#852879
Versions: All NTP4 releases before 4.2.8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:P) Base Score: 5.0
Date Resolved: Stable (4.2.8) 18 Dec 2014

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: ntp 1:4.2.6.p5+dfsg-3ubuntu2
ProcVersionSignature: Ubuntu 3.13.0-39.66-lowlatency 3.13.11.8
Uname: Linux 3.13.0-39-lowlatency x86_64
ApportVersion: 2.14.1-0ubuntu3.6
Architecture: amd64
Date: Sun Dec 21 13:24:35 2014
InstallationDate: Installed on 2012-08-23 (849 days ago)
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
KernLog:

SourcePackage: ntp
UpgradeStatus: Upgraded to trusty on 2014-03-02 (293 days ago)
modified.conffile..etc.ntp.conf: [modified]
mtime.conffile..etc.ntp.conf: 2014-06-02T17:06:11.921841

Jamie Strandboge (jdstrand) wrote :
information type: Private Security → Public Security
Changed in ntp (Ubuntu):
status: New → In Progress
Changed in ntp (Ubuntu Lucid):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in ntp (Ubuntu Precise):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in ntp (Ubuntu Trusty):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in ntp (Ubuntu Utopic):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in ntp (Ubuntu):
status: In Progress → Triaged
importance: Undecided → Medium
Marc Deslauriers (mdeslaur) wrote :
Changed in ntp (Ubuntu Lucid):
status: In Progress → Fix Released
Changed in ntp (Ubuntu Precise):
status: In Progress → Fix Released
Changed in ntp (Ubuntu Trusty):
status: In Progress → Fix Released
Changed in ntp (Ubuntu Utopic):
status: In Progress → Fix Released
Changed in ntp (Ubuntu):
status: Triaged → Fix Released