VYPR
High severity8.1NVD Advisory· Published Jan 26, 2016· Updated Jun 17, 2026

CVE-2016-1567

CVE-2016-1567

Description

chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Chrony/Chrony6 versions
    cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*range: <=1.31.1
    • cpe:2.3:a:tuxfamily:chrony:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tuxfamily:chrony:2.2:*:*:*:*:*:*:*
    • (no CPE)range: <1.31.2, <2.2.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.