Unrated severityNVD Advisory· Published Feb 8, 2010· Updated Apr 29, 2026
CVE-2010-0293
CVE-2010-0293
Description
The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
Affected products
11cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*range: <=1.23-pre1
- cpe:2.3:a:tuxfamily:chrony:1.18:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19-1:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19.99.1:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19.99.2:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.19.99.3:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.20:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.21:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.21-pre1:*:*:*:*:*:*:*
- cpe:2.3:a:tuxfamily:chrony:1.24-pre1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- chrony.tuxfamily.org/News.htmlnvdVendor Advisory
- secunia.com/advisories/38428nvdVendor Advisory
- secunia.com/advisories/38480nvdVendor Advisory
- www.debian.org/security/2010/dsa-1992nvd
- www.securityfocus.com/bid/38106nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.