Internet threat level: 1
Home→Descriptions→SA38428
Chrony Denial of Service Security Issue and Vulnerability
| Secunia ID | |
| CVE-ID | |
| Release Date |
05 Feb 2010 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Software |
Chrony 1.x |
| Where | |
| Impact |
DoS (Denial of Service)This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. |
| Description |
A security issue and a vulnerability have been reported in Chrony, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) A vulnerability is caused due to an error within the processing of "cmdmon" packets, which can be exploited to cause a packet reply loop by sending a specially crafted packet with a spoofed source IP address to an affected Chrony server. 2) A security issue is caused due to the logging facility not properly limiting the amount of memory used to store client information. This can be exploited to cause a DoS due to memory exhaustion by sending a large number of spoofed NTP or "cmdmon" packets. Successful exploitation requires that chronyd allows access from a wide range of IP addresses (restricted to 127.0.0.1 by default). NOTE: Additionally, chronyd does not limit the rate for log messages, which can be used to fill up the disk space. |
| Solution |
Update to version 1.23.1 or 1.24. |
| Reported by |
Reported by the vendor. |
| Original Advisory |
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.