NTP BUG 2952: Original fix for NTP Bug 2901 broke peer associations

Last update: June 28, 2022 20:06 UTC (57417e17c)

---

Summary

Resolved	4.2.8p7	26 Apr 2016
References	Bug 2952	CVE-2015-7704
Affects	4.2.8p4 up to but not including 4.2.8p7, and 4.3.77 up to, but not including 4.3.92.	Resolved in 4.2.8p7.

---

Description

The fix for NTP Bug 2901 in ntp-4.2.8p4 went too far, breaking peer associations.

---

Mitigation

• Upgrade to 4.2.8p7 or later.
• Don’t connect to ntp-4.2.8p4 thru p6 instances of ntpd using a peer association.
• If you are running ntp-4.2.8p4 thru p6 instances of ntpd don’t expect clients that connect to you with peer associations to work.
• Properly monitor your ntpd instances.

---

Credit

This weakness was discovered by Michael Tatarinov , NTP Project Developer Volunteer.

---

Timeline

• 2016 Apr 26: Public release
• 2016 Apr 12: Early Access Program Release: Premier and Partner Institutional Members
• 2016 Feb 14: Notification to Institutional Members
• 2016 Jan 12: Initial notification from Cisco