NTP BUG 3592: DoS Attack on Unauthenticated Client
Last update: June 27, 2022 20:45 UTC (51d68a4aa)
Summary
Description
The fix for 3445 introduced a bug whereby a system that is running ntp-4.2.8p12 or p13 that only has one unauthenticated time source can be attacked in a way that causes the victim’s next poll to its source to be delayed, for as long as the attack is maintained.
Mitigation
- Use authentication with symmetric peers.
- Have enough sources of time.
- Upgrade to 4.2.8p14 or later.
Credit
Reported by Miroslav Lichvar.
Timeline