Wind River Support Network


LIN6-10453 : Security Advisory - ntp - CVE-2015-7855

Created: Oct 22, 2015    Updated: Dec 3, 2018
Resolved Date: Oct 27, 2015
Previous ID: LIN4-33121
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace


It was found that NTP's decodenetnum() would abort with an assertion failure when processing a mode 6 or mode 7 packet containing an unusually long data value where a network address was expected. This could allow an authenticated attacker to crash ntpd.

External References:

Other Downloads

Live chat