CVE-2014-9294
Description
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, enabling remote attackers to brute-force cryptographic keys.
Vulnerability
The util/ntp-keygen.c file in the ntp-keygen utility, part of NTP versions prior to 4.2.7p230, uses a weak pseudorandom number generator (PRNG) seed when generating symmetric keys. This flaw makes the resulting keys predictable if an attacker can brute-force the seed space [1][2]. The weak seed is derived from a non-cryptographic source, reducing the effective entropy of the generated keys.
Exploitation
An unauthenticated, remote attacker can exploit this vulnerability by first obtaining a sample of the generated key material (e.g., by capturing NTP packets that use the key for authentication). With the key in hand, the attacker can perform a brute-force search over the limited seed space to recover the seed and subsequently predict future keys or derive the original key [1][3]. No special network position beyond the ability to observe NTP traffic is required.
Impact
Successful exploitation allows the attacker to defeat cryptographic protections that rely on the weak keys. This can lead to disclosure of sensitive information (e.g., NTP authentication credentials), impersonation of legitimate NTP servers, or man-in-the-middle attacks that compromise the integrity and confidentiality of time synchronization data [1][2]. The impact is rated as high (CVSS 7.5) due to the low complexity and network-based attack vector.
Mitigation
The vulnerability is fixed in NTP version 4.2.7p230 and later [1]. Cisco, HP, and Red Hat have released security advisories and patches for their affected products [1][2][3][4]. Users should upgrade to the latest NTP version or apply vendor-specific updates. No workaround is available; upgrading is the only complete mitigation.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
6- osv-coords4 versionspkg:rpm/opensuse/ntp&distro=openSUSE%20Tumbleweedpkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
< 4.2.8p9-1.1+ 3 more
- (no CPE)range: < 4.2.8p9-1.1
- (no CPE)range: < 4.2.6p5-37.2
- (no CPE)range: < 4.2.6p5-37.2
- (no CPE)range: < 4.2.6p5-37.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
21- bk1.ntp.org/ntp-dev/util/ntp-keygen.cnvdExploit
- support.ntp.org/bin/view/Main/SecurityNoticenvdVendor Advisory
- www.kb.cert.org/vuls/id/852879nvdThird Party AdvisoryUS Government Resource
- advisories.mageia.org/MGASA-2014-0541.htmlnvd
- bugs.ntp.org/show_bug.cginvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- rhn.redhat.com/errata/RHSA-2014-2025.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-0104.htmlnvd
- secunia.com/advisories/62209nvd
- www.mandriva.com/security/advisoriesnvd
- www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlnvd
- www.securityfocus.com/bid/71762nvd
- bugzilla.redhat.com/show_bug.cginvd
- h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
- h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
- kc.mcafee.com/corporate/indexnvd
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpdnvd
- www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8nvd
News mentions
0No linked articles in our index yet.