Wind River Support Network


LIN6-10085 : Security Advisory - ntp - CVE-2015-5146

Created: Jun 30, 2015    Updated: Dec 3, 2018
Resolved Date: Jul 6, 2015
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace


NTP CVE-2015-5146 [Sec 2853]

Under limited and specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following to be true:

1. ntpd set up to allow for remote configuration (not allowed by default), and
2. knowledge of the configuration password, and
3. access to a computer entrusted to perform remote configuration.

Other Downloads

Live chat