Wind River Support Network

HomeDefectsLIN6-10085

Fixed

LIN6-10085 : Security Advisory - ntp - CVE-2015-5146

Created: Jun 30, 2015 Updated: Dec 3, 2018

Resolved Date: Jul 6, 2015

Found In Version: 6.0.0.20

Fix Version: 6.0.0.23

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

NTP CVE-2015-5146 [Sec 2853]

Under limited and specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following to be true:

1. ntpd set up to allow for remote configuration (not allowed by default), and
2. knowledge of the configuration password, and
3. access to a computer entrusted to perform remote configuration.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5146

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38