NTP BUG 3388: Buffer Overflow in DPTS Clock
Last update: June 27, 2022 20:45 UTC (51d68a4aa)
There is a potential for a buffer overflow in the legacy Datum Programmable Time Server refclock driver. Here the packets are processed from the
/dev/datum device and handled in
datum_pts_receive(). Since an attacker would be required to somehow control a malicious
/dev/datum device, this does not appear to be a practical attack and renders this issue “Low” in terms of severity.
- If you have a Datum reference clock installed and think somebody may maliciously change the device, upgrade to 4.2.8p10 or later.
- Properly monitor your
ntpd instances, and auto-restart
-g) if it stops running.
This weakness was discovered by Cure53.