rpm package
suse/ntp&distro=SUSE Linux Enterprise Module for Legacy 15 SP4
pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP4
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-26555 | — | < 4.2.8p17-150000.4.25.1 | 4.2.8p17-150000.4.25.1 | Apr 11, 2023 | praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver. | ||
| CVE-2023-26554 | — | < 4.2.8p15-150000.4.22.1 | 4.2.8p15-150000.4.22.1 | Apr 11, 2023 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | ||
| CVE-2023-26553 | — | < 4.2.8p15-150000.4.22.1 | 4.2.8p15-150000.4.22.1 | Apr 11, 2023 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | ||
| CVE-2023-26552 | — | < 4.2.8p15-150000.4.22.1 | 4.2.8p15-150000.4.22.1 | Apr 11, 2023 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. | ||
| CVE-2023-26551 | — | < 4.2.8p15-150000.4.22.1 | 4.2.8p15-150000.4.22.1 | Apr 11, 2023 | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. |
- CVE-2023-26555Apr 11, 2023affected < 4.2.8p17-150000.4.25.1fixed 4.2.8p17-150000.4.25.1
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.
- CVE-2023-26554Apr 11, 2023affected < 4.2.8p15-150000.4.22.1fixed 4.2.8p15-150000.4.22.1
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
- CVE-2023-26553Apr 11, 2023affected < 4.2.8p15-150000.4.22.1fixed 4.2.8p15-150000.4.22.1
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
- CVE-2023-26552Apr 11, 2023affected < 4.2.8p15-150000.4.22.1fixed 4.2.8p15-150000.4.22.1
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
- CVE-2023-26551Apr 11, 2023affected < 4.2.8p15-150000.4.22.1fixed 4.2.8p15-150000.4.22.1
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.