CVE-2014-9751: Input Validation
First published: Tue Oct 06 2015(Updated: )
The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NTP | >=4.2.0<4.2.8 | |
| NTP | =4.2.8 | |
| Apple iOS and macOS | ||
| Linux kernel | ||
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Debian | =7.0 | |
| Debian | =8.0 | |
| Debian | =9.0 | |
| Oracle Linux | =7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugs.ntp.org/show_bug.cgi?id=2672
- http://rhn.redhat.com/errata/RHSA-2015-1459.html
- http://support.ntp.org/bin/view/Main/SecurityNotice#December_2014_NTP_Security_Vulne
- http://www.debian.org/security/2015/dsa-3388
- http://www.kb.cert.org/vuls/id/852879
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/72584
- https://bugzilla.redhat.com/show_bug.cgi?id=1184572
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us
Frequently Asked Questions
What is the severity of CVE-2014-9751?
CVE-2014-9751 is considered a moderate severity vulnerability that allows remote attackers to spoof restricted packets.
How do I fix CVE-2014-9751?
To fix CVE-2014-9751, upgrade NTP to version 4.2.8p1 or later.
Which versions of NTP are affected by CVE-2014-9751?
NTP versions before 4.2.8p1, specifically 4.2.0 through 4.2.8, are affected by CVE-2014-9751.
Can CVE-2014-9751 impact Linux and macOS users?
Yes, CVE-2014-9751 affects NTP versions running on Linux and macOS platforms.
What types of attacks can CVE-2014-9751 facilitate?
CVE-2014-9751 can facilitate attacks that allow remote attackers to read or write to the runtime state of the NTP service.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/references
- agent/author
- agent/remedy
- agent/severity
- agent/weakness
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ntp
- canonical/ntp ntp
- version/ntp ntp/4.2.0
- version/ntp ntp/4.2.8
- vendor/apple
- canonical/apple ios and macos
- vendor/linux
- canonical/linux kernel
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/7.0
- version/debian gnu/linux/8.0
- version/debian gnu/linux/9.0
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/7