NTP BUG 3044: Processing spoofed server packets
Last update: June 27, 2022 20:45 UTC (51d68a4aa)
An attacker who is able to spoof packets with correct origin timestamps from enough servers before the expected response packets arrive at the target machine can affect some peer variables and, for example, cause a false leap indication to be set.
- Implement BCP-38.
- Upgrade to 4.2.8p8 or later.
- Properly monitor your
ntpd instances, and auto-restart
-g) if it stops running.
This weakness was discovered by Jakub Prokes of Red Hat.