CVE-2015-1822

描述

chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.

受影響套件(1)

• Debian/chronyfrom 0, < 1.30-2

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1822