First published: Thu Apr 28 2016
The following flaw was found in ntpd: using a crafted packet to create a peer association with hmode > 7 causes the MATCH_ASSOC() lookup to make an out-of-bounds reference.
Upstream bugs: http://support.ntp.org/bin/view/Main/NtpBug3009
External References: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/ntp | 1:4.2.8p12+dfsg-4 1:4.2.8p15+dfsg-1 | |
redhat/ntp | <4.2.8 | 4.2.8 |
Siemens Simatic Net CP 443-1 OPC UA Firmware | | |
NTP ntp | <4.2.8 | |
NTP ntp | >=4.3.0 <4.3.92 | |
NTP ntp | =4.2.8 | |
NTP ntp | =4.2.8-p1 | |
NTP ntp | =4.2.8-p1-beta1 | |
NTP ntp | =4.2.8-p1-beta2 | |
NTP ntp | =4.2.8-p1-beta3 | |
NTP ntp | =4.2.8-p1-beta4 | |
NTP ntp | =4.2.8-p1-beta5 | |
NTP ntp | =4.2.8-p1-rc1 | |
NTP ntp | =4.2.8-p1-rc2 | |
NTP ntp | =4.2.8-p2 | |
NTP ntp | =4.2.8-p2-rc1 | |
NTP ntp | =4.2.8-p2-rc2 | |
NTP ntp | =4.2.8-p2-rc3 | |
NTP ntp | =4.2.8-p3 | |
NTP ntp | =4.2.8-p3-rc1 | |
NTP ntp | =4.2.8-p3-rc2 | |
NTP ntp | =4.2.8-p3-rc3 | |
NTP ntp | =4.2.8-p4 | |
NTP ntp | =4.2.8-p5 | |
NTP ntp | =4.2.8-p6 | |
NTP ntp | =4.2.8-p7 | |
NTP ntp | =4.2.8-p8 | |
Debian GNU/Linux | =8.0 | |
Debian GNU/Linux | =9.0 | |
Debian GNU/Linux | =10.0 | |
NetApp Clustered Data ONTAP | | |
NetApp Data ONTAP 7-Mode | | |
NetApp OnCommand Balance | | |
NetApp OnCommand Performance Manager | | |
NetApp OnCommand Unified Manager | | |
Oracle Communications User Data Repository | =10.0.0 | |
Oracle Communications User Data Repository | =10.0.1 | |
Oracle Communications User Data Repository | =12.0.0 | |
Oracle Linux | =6 | |
Oracle Linux | =7 | |
redhat enterprise Linux desktop | =7.0 | |
redhat enterprise Linux server | =6.0 | |
redhat enterprise Linux server | =7.0 | |
redhat enterprise Linux server aus | =7.2 | |
redhat enterprise Linux server aus | =7.4 | |
redhat enterprise Linux server aus | =7.6 | |
redhat enterprise Linux server eus | =7.2 | |
redhat enterprise Linux server eus | =7.3 | |
redhat enterprise Linux server eus | =7.4 | |
redhat enterprise Linux server eus | =7.5 | |
redhat enterprise Linux server eus | =7.6 | |
redhat enterprise Linux server eus | =7.7 | |
redhat enterprise Linux server tus | =7.2 | |
redhat enterprise Linux server tus | =7.3 | |
redhat enterprise Linux server tus | =7.6 | |
redhat enterprise Linux server tus | =7.7 | |
redhat enterprise Linux workstation | =6.0 | |
FreeBSD FreeBSD | =9.3 | |
FreeBSD FreeBSD | =9.3-p1 | |
FreeBSD FreeBSD | =9.3-p10 | |
FreeBSD FreeBSD | =9.3-p12 | |
FreeBSD FreeBSD | =9.3-p13 | |
FreeBSD FreeBSD | =9.3-p16 | |
FreeBSD FreeBSD | =9.3-p19 | |
FreeBSD FreeBSD | =9.3-p2 | |
FreeBSD FreeBSD | =9.3-p20 | |
FreeBSD FreeBSD | =9.3-p21 | |
FreeBSD FreeBSD | =9.3-p22 | |
FreeBSD FreeBSD | =9.3-p23 | |
FreeBSD FreeBSD | =9.3-p24 | |
FreeBSD FreeBSD | =9.3-p25 | |
FreeBSD FreeBSD | =9.3-p28 | |
FreeBSD FreeBSD | =9.3-p3 | |
FreeBSD FreeBSD | =9.3-p30 | |
FreeBSD FreeBSD | =9.3-p31 | |
FreeBSD FreeBSD | =9.3-p32 | |
FreeBSD FreeBSD | =9.3-p33 | |
FreeBSD FreeBSD | =9.3-p34 | |
FreeBSD FreeBSD | =9.3-p35 | |
FreeBSD FreeBSD | =9.3-p36 | |
FreeBSD FreeBSD | =9.3-p38 | |
FreeBSD FreeBSD | =9.3-p39 | |
FreeBSD FreeBSD | =9.3-p5 | |
FreeBSD FreeBSD | =9.3-p6 | |
FreeBSD FreeBSD | =9.3-p7 | |
FreeBSD FreeBSD | =9.3-p8 | |
FreeBSD FreeBSD | =9.3-p9 | |
FreeBSD FreeBSD | =10.1 | |
FreeBSD FreeBSD | =10.1-p1 | |
FreeBSD FreeBSD | =10.1-p10 | |
FreeBSD FreeBSD | =10.1-p12 | |
FreeBSD FreeBSD | =10.1-p15 | |
FreeBSD FreeBSD | =10.1-p16 | |
FreeBSD FreeBSD | =10.1-p17 | |
FreeBSD FreeBSD | =10.1-p18 | |
FreeBSD FreeBSD | =10.1-p19 | |
FreeBSD FreeBSD | =10.1-p2 | |
FreeBSD FreeBSD | =10.1-p22 | |
FreeBSD FreeBSD | =10.1-p24 | |
FreeBSD FreeBSD | =10.1-p25 | |
FreeBSD FreeBSD | =10.1-p26 | |
FreeBSD FreeBSD | =10.1-p27 | |
FreeBSD FreeBSD | =10.1-p28 | |
FreeBSD FreeBSD | =10.1-p29 | |
FreeBSD FreeBSD | =10.1-p3 | |
FreeBSD FreeBSD | =10.1-p30 | |
FreeBSD FreeBSD | =10.1-p31 | |
FreeBSD FreeBSD | =10.1-p4 | |
FreeBSD FreeBSD | =10.1-p5 | |
FreeBSD FreeBSD | =10.1-p6 | |
FreeBSD FreeBSD | =10.1-p7 | |
FreeBSD FreeBSD | =10.1-p8 | |
FreeBSD FreeBSD | =10.1-p9 | |
FreeBSD FreeBSD | =10.2 | |
FreeBSD FreeBSD | =10.2-p1 | |
FreeBSD FreeBSD | =10.2-p10 | |
FreeBSD FreeBSD | =10.2-p11 | |
FreeBSD FreeBSD | =10.2-p12 | |
FreeBSD FreeBSD | =10.2-p13 | |
FreeBSD FreeBSD | =10.2-p14 | |
FreeBSD FreeBSD | =10.2-p2 | |
FreeBSD FreeBSD | =10.2-p5 | |
FreeBSD FreeBSD | =10.2-p7 | |
FreeBSD FreeBSD | =10.2-p8 | |
FreeBSD FreeBSD | =10.2-p9 | |
FreeBSD FreeBSD | =10.3 | |
Siemens SIMATIC CP 443-1 OPC UA Firmware | | |
CVE-2016-2518 is classified as a high severity vulnerability due to its potential to cause an out-of-bounds reference.
To fix CVE-2016-2518, update NTP to version 4.2.8p12 or later for Debian systems, or 4.2.8 for Red Hat systems.
CVE-2016-2518 affects various versions of NTP including those prior to 4.2.8 and covers distributions like Debian and Red Hat.
CVE-2016-2518 can be exploited through crafted packets that result in denial of service or unauthorized operation of the NTP service.
CVE-2016-2518 was publicly disclosed in April 2016.