CVE-2015-1821

EPSS 2.6%

chrony - security update

發布日:2015/4/16修改日:2026/3/9

也稱為:DSA-3222-1DEBIAN-CVE-2015-1821

描述

Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.

受影響套件(3)

Debian/chronyfrom 0, < 1.30-2
Debian/chronyfrom 0, < 1.24-3+squeeze2
Debian/chronyfrom 0, < 1.24-3.1+deb7u3

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1821