CVE-2015-1853
chrony: authentication doesn't protect symmetric associations against DoS attacks
Public Exploits: 0
Exploited in Wild: -
Descriptions
chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.
A denial of service flaw was found in the way chrony hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.
The chrony suite, chronyd and chronyc, is an advanced implementation of the Network Time Protocol, specially designed to support systems with intermittent connections. It can synchronize the system clock with NTP servers, hardware reference clocks, and manual input. It can also operate as an NTPv4 server or peer to provide a time service to other computers in the network. An out-of-bounds write flaw was found in the way chrony stored certain addresses when configuring NTP or cmdmon access. An attacker that has the command key and is allowed to access cmdmon could use this flaw to crash chronyd or, possibly, execute arbitrary code with the privileges of the chronyd process.
SSVC
- Decision:-
Timeline
- 2015-02-17 CVE Reserved
- 2015-04-13 CVE Published
- 2024-08-06 CVE Updated
- 2025-04-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-345: Insufficient Verification of Data Authenticity
References (4)
URL | Tag | Source |
---|---|---|
https://security.gentoo.org/glsa/201507-01 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://chrony.tuxfamily.org/News.html | 2023-02-13 | |
https://access.redhat.com/security/cve/CVE-2015-1853 | 2015-11-19 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1209572 | 2015-11-19 | |