NTP BUG 3009: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC
Last update: June 28, 2022 20:06 UTC (57417e17c)
Summary
Description
Using a crafted packet to create a peer association with hmode
> 7 causes the MATCH_ASSOC()
lookup to make an out-of-bounds reference.
Mitigation
Credit
This weakness was discovered by Yihan Lian of the Cloud Security Team, Qihoo 360.
Timeline