Wind River Support Network


LIN5-20613 : Security Advisory - ntp - CVE-2015-5146

Created: Jun 30, 2015    Updated: Dec 19, 2017
Resolved Date: Jul 6, 2015
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace


NTP CVE-2015-5146 [Sec 2853]

Under limited and specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following to be true:

1. ntpd set up to allow for remote configuration (not allowed by default), and
2. knowledge of the configuration password, and
3. access to a computer entrusted to perform remote configuration.

Other Downloads

Live chat