Unrated severityNVD Advisory· Published Oct 6, 2015· Updated Jun 17, 2026
CVE-2014-9751
CVE-2014-9751
Description
The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- Range: <4.2.8p1
Patches
Vulnerability mechanics
References
9- bugs.ntp.org/show_bug.cginvdIssue TrackingPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2015-1459.htmlnvdThird Party Advisory
- support.ntp.org/bin/view/Main/SecurityNoticenvdVendor Advisory
- www.debian.org/security/2015/dsa-3388nvdThird Party Advisory
- www.kb.cert.org/vuls/id/852879nvdThird Party AdvisoryUS Government Resource
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/72584nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- support.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
News mentions
0No linked articles in our index yet.