CVE-2010-0292

EPSS 1.2%

chrony - denial of service

發布日:2010/2/8修改日:2026/4/28

也稱為:DEBIAN-CVE-2010-0292

描述

The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a spoofed cmdmon packet that triggers a continuous exchange of NOHOSTACCESS messages between two daemons, a related issue to CVE-2009-3563.

受影響套件(2)

Debian/chronyfrom 0, < 1.23-7
Debian/chronyfrom 0, < 1.21z-5+etch1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-0292