Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-1821 (GCVE-0-2015-1821)
Vulnerability from cvelistv5 – Published: 2015-04-16 14:00 – Updated: 2024-08-06 04:54
VLAI?
EPSS
Summary
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.293Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3222",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"name": "73955",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "GLSA-201507-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201507-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-3222",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"name": "73955",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "GLSA-201507-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201507-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-1821",
"datePublished": "2015-04-16T14:00:00",
"dateReserved": "2015-02-17T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.31\", \"matchCriteriaId\": \"CF48000B-8A0C-4280-ADA9-7A7B1F64AD1C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de buffer basado en memoria din\\u00e1mica en chrony anterior a 1.31.1 permite a usuarios remotos autenticados causar una denegaci\\u00f3n de servicio (ca\\u00edda de chronyd) o posiblemente ejecutar c\\u00f3digo arbitrario mediante la configuraci\\u00f3n del acceso (1) NTP o (2) cmdmon con un tama\\u00f1o subnet que resulta indivisible por cuatro y una direcci\\u00f3n con un bit no cero en el restante de subnet.\"}]",
"id": "CVE-2015-1821",
"lastModified": "2024-11-21T02:26:13.080",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2015-04-16T14:59:01.663",
"references": "[{\"url\": \"http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3222\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/73955\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://security.gentoo.org/glsa/201507-01\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.debian.org/security/2015/dsa-3222\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/73955\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201507-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-1821\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-04-16T14:59:01.663\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer basado en memoria din\u00e1mica en chrony anterior a 1.31.1 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda de chronyd) o posiblemente ejecutar c\u00f3digo arbitrario mediante la configuraci\u00f3n del acceso (1) NTP o (2) cmdmon con un tama\u00f1o subnet que resulta indivisible por cuatro y una direcci\u00f3n con un bit no cero en el restante de subnet.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.31\",\"matchCriteriaId\":\"CF48000B-8A0C-4280-ADA9-7A7B1F64AD1C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"}]}]}],\"references\":[{\"url\":\"http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3222\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/73955\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201507-01\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2015/dsa-3222\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/73955\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201507-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
FKIE_CVE-2015-1821
Vulnerability from fkie_nvd - Published: 2015-04-16 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tuxfamily | chrony | * | |
| debian | debian_linux | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF48000B-8A0C-4280-ADA9-7A7B1F64AD1C",
"versionEndIncluding": "1.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en chrony anterior a 1.31.1 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda de chronyd) o posiblemente ejecutar c\u00f3digo arbitrario mediante la configuraci\u00f3n del acceso (1) NTP o (2) cmdmon con un tama\u00f1o subnet que resulta indivisible por cuatro y una direcci\u00f3n con un bit no cero en el restante de subnet."
}
],
"id": "CVE-2015-1821",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-16T14:59:01.663",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"source": "secalert@redhat.com",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/73955"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201507-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201507-01"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-CM73-XW9W-XQMM
Vulnerability from github – Published: 2022-05-17 02:38 – Updated: 2022-05-17 02:38
VLAI?
Details
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.
{
"affected": [],
"aliases": [
"CVE-2015-1821"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-04-16T14:59:00Z",
"severity": "MODERATE"
},
"details": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.",
"id": "GHSA-cm73-xw9w-xqmm",
"modified": "2022-05-17T02:38:51Z",
"published": "2022-05-17T02:38:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1821"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2015-1821"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209631"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201507-01"
},
{
"type": "WEB",
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/73955"
}
],
"schema_version": "1.4.0",
"severity": []
}
RHSA-2015_2241
Vulnerability from csaf_redhat - Published: 2015-11-19 03:59 - Updated: 2024-11-22 09:10Summary
Red Hat Security Advisory: chrony security, bug fix, and enhancement update
Notes
Topic
Updated chrony packages that fix three security issues, several bugs, and
add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The chrony suite, chronyd and chronyc, is an advanced implementation of the
Network Time Protocol (NTP), specially designed to support systems with
intermittent connections. It can synchronize the system clock with NTP
servers, hardware reference clocks, and manual input. It can also operate
as an NTPv4 (RFC 5905) server or peer to provide a time service to other
computers in the network.
An out-of-bounds write flaw was found in the way chrony stored certain
addresses when configuring NTP or cmdmon access. An attacker that has the
command key and is allowed to access cmdmon (only localhost is allowed by
default) could use this flaw to crash chronyd or, possibly, execute
arbitrary code with the privileges of the chronyd process. (CVE-2015-1821)
An uninitialized pointer use flaw was found when allocating memory to save
unacknowledged replies to authenticated command requests. An attacker that
has the command key and is allowed to access cmdmon (only localhost is
allowed by default) could use this flaw to crash chronyd or, possibly,
execute arbitrary code with the privileges of the chronyd process.
(CVE-2015-1822)
A denial of service flaw was found in the way chrony hosts that were
peering with each other authenticated themselves before updating their
internal state variables. An attacker could send packets to one peer host,
which could cascade to other peers, and stop the synchronization process
among the reached peers. (CVE-2015-1853)
These issues were discovered by Miroslav Lichvár of Red Hat.
The chrony packages have been upgraded to upstream version 2.1.1, which
provides a number of bug fixes and enhancements over the previous version.
Notable enhancements include:
* Updated to NTP version 4 (RFC 5905)
* Added pool directive to specify pool of NTP servers
* Added leapsecmode directive to select how to correct clock for leap
second
* Added smoothtime directive to smooth served time and enable leap smear
* Added asynchronous name resolving with POSIX threads
* Ready for year 2036 (next NTP era)
* Improved clock control
* Networking code reworked to open separate client sockets for each NTP
server
(BZ#1117882)
This update also fixes the following bug:
* The chronyd service previously assumed that network interfaces specified
with the "bindaddress" directive were ready when the service was started.
This could cause chronyd to fail to bind an NTP server socket to the
interface if the interface was not ready. With this update, chronyd uses
the IP_FREEBIND socket option, enabling it to bind to an interface later,
not only when the service starts. (BZ#1169353)
In addition, this update adds the following enhancement:
* The chronyd service now supports four modes of handling leap seconds,
configured using the "leapsecmode" option. The clock can be either stepped
by the kernel (the default "system" mode), stepped by chronyd ("step"
mode), slowly adjusted by slewing ("slew" mode), or the leap second can be
ignored and corrected later in normal operation ("ignore" mode). If you
select slewing, the correction will always start at 00:00:00 UTC and will
be applied at a rate specified in the "maxslewrate" option. (BZ#1206504)
All chrony users are advised to upgrade to these updated packages, which
correct these issues and add these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated chrony packages that fix three security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The chrony suite, chronyd and chronyc, is an advanced implementation of the\nNetwork Time Protocol (NTP), specially designed to support systems with\nintermittent connections. It can synchronize the system clock with NTP\nservers, hardware reference clocks, and manual input. It can also operate\nas an NTPv4 (RFC 5905) server or peer to provide a time service to other\ncomputers in the network.\n\nAn out-of-bounds write flaw was found in the way chrony stored certain\naddresses when configuring NTP or cmdmon access. An attacker that has the\ncommand key and is allowed to access cmdmon (only localhost is allowed by\ndefault) could use this flaw to crash chronyd or, possibly, execute\narbitrary code with the privileges of the chronyd process. (CVE-2015-1821)\n\nAn uninitialized pointer use flaw was found when allocating memory to save\nunacknowledged replies to authenticated command requests. An attacker that\nhas the command key and is allowed to access cmdmon (only localhost is\nallowed by default) could use this flaw to crash chronyd or, possibly,\nexecute arbitrary code with the privileges of the chronyd process.\n(CVE-2015-1822)\n\nA denial of service flaw was found in the way chrony hosts that were\npeering with each other authenticated themselves before updating their\ninternal state variables. An attacker could send packets to one peer host,\nwhich could cascade to other peers, and stop the synchronization process\namong the reached peers. (CVE-2015-1853)\n\nThese issues were discovered by Miroslav Lichv\u00e1r of Red Hat.\n\nThe chrony packages have been upgraded to upstream version 2.1.1, which\nprovides a number of bug fixes and enhancements over the previous version.\nNotable enhancements include:\n\n* Updated to NTP version 4 (RFC 5905)\n\n* Added pool directive to specify pool of NTP servers\n\n* Added leapsecmode directive to select how to correct clock for leap\nsecond\n\n* Added smoothtime directive to smooth served time and enable leap smear\n\n* Added asynchronous name resolving with POSIX threads\n\n* Ready for year 2036 (next NTP era)\n\n* Improved clock control\n\n* Networking code reworked to open separate client sockets for each NTP\nserver\n\n(BZ#1117882)\n\nThis update also fixes the following bug:\n\n* The chronyd service previously assumed that network interfaces specified\nwith the \"bindaddress\" directive were ready when the service was started.\nThis could cause chronyd to fail to bind an NTP server socket to the\ninterface if the interface was not ready. With this update, chronyd uses\nthe IP_FREEBIND socket option, enabling it to bind to an interface later,\nnot only when the service starts. (BZ#1169353)\n\nIn addition, this update adds the following enhancement:\n\n* The chronyd service now supports four modes of handling leap seconds,\nconfigured using the \"leapsecmode\" option. The clock can be either stepped\nby the kernel (the default \"system\" mode), stepped by chronyd (\"step\"\nmode), slowly adjusted by slewing (\"slew\" mode), or the leap second can be\nignored and corrected later in normal operation (\"ignore\" mode). If you\nselect slewing, the correction will always start at 00:00:00 UTC and will\nbe applied at a rate specified in the \"maxslewrate\" option. (BZ#1206504)\n\nAll chrony users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:2241",
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1117882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1117882"
},
{
"category": "external",
"summary": "1169353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169353"
},
{
"category": "external",
"summary": "1206504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206504"
},
{
"category": "external",
"summary": "1209568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209568"
},
{
"category": "external",
"summary": "1209572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209572"
},
{
"category": "external",
"summary": "1209631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209631"
},
{
"category": "external",
"summary": "1209632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209632"
},
{
"category": "external",
"summary": "1211600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211600"
},
{
"category": "external",
"summary": "1219492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219492"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2241.json"
}
],
"title": "Red Hat Security Advisory: chrony security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T09:10:51+00:00",
"generator": {
"date": "2024-11-22T09:10:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2015:2241",
"initial_release_date": "2015-11-19T03:59:36+00:00",
"revision_history": [
{
"date": "2015-11-19T03:59:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-11-19T03:59:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T09:10:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.ppc64",
"product": {
"name": "chrony-0:2.1.1-1.el7.ppc64",
"product_id": "chrony-0:2.1.1-1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.x86_64",
"product": {
"name": "chrony-0:2.1.1-1.el7.x86_64",
"product_id": "chrony-0:2.1.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.aarch64",
"product": {
"name": "chrony-0:2.1.1-1.el7.aarch64",
"product_id": "chrony-0:2.1.1-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.ppc64le",
"product": {
"name": "chrony-0:2.1.1-1.el7.ppc64le",
"product_id": "chrony-0:2.1.1-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.src",
"product": {
"name": "chrony-0:2.1.1-1.el7.src",
"product_id": "chrony-0:2.1.1-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.s390x",
"product": {
"name": "chrony-0:2.1.1-1.el7.s390x",
"product_id": "chrony-0:2.1.1-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Workstation"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Miroslav Lichv\u00e1r"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-1821",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2015-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1209631"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the way Chrony stored certain addresses when configuring NTP or cmdmon access. An attacker that has the command key and is allowed to access cmdmon (only localhost is allowed by default) could use this flaw to crash chronyd or, possibly, execute arbitrary code with the privileges of the chronyd process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chrony: Heap out of bound write in address filter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-1821"
},
{
"category": "external",
"summary": "RHBZ#1209631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-1821",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1821"
}
],
"release_date": "2015-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chrony: Heap out of bound write in address filter"
},
{
"acknowledgments": [
{
"names": [
"Miroslav Lichv\u00e1r"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-1822",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2015-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1209632"
}
],
"notes": [
{
"category": "description",
"text": "An uninitialized pointer use flaw was found when allocating memory to save unacknowledged replies to authenticated command requests. An attacker that has the command key and is allowed to access cmdmon (only localhost is allowed by default) could use this flaw to crash chronyd or, possibly, execute arbitrary code with the privileges of the chronyd process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chrony: uninitialized pointer in cmdmon reply slots",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-1822"
},
{
"category": "external",
"summary": "RHBZ#1209632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-1822",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1822"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1822",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1822"
}
],
"release_date": "2015-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chrony: uninitialized pointer in cmdmon reply slots"
},
{
"acknowledgments": [
{
"names": [
"Miroslav Lichv\u00e1r"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-1853",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2015-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1209572"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in the way chrony hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chrony: authentication doesn\u0027t protect symmetric associations against DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-1853"
},
{
"category": "external",
"summary": "RHBZ#1209572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-1853",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1853"
}
],
"release_date": "2015-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chrony: authentication doesn\u0027t protect symmetric associations against DoS attacks"
}
]
}
RHSA-2015:2241
Vulnerability from csaf_redhat - Published: 2015-11-19 03:59 - Updated: 2025-11-21 17:54Summary
Red Hat Security Advisory: chrony security, bug fix, and enhancement update
Notes
Topic
Updated chrony packages that fix three security issues, several bugs, and
add various enhancements are now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
The chrony suite, chronyd and chronyc, is an advanced implementation of the
Network Time Protocol (NTP), specially designed to support systems with
intermittent connections. It can synchronize the system clock with NTP
servers, hardware reference clocks, and manual input. It can also operate
as an NTPv4 (RFC 5905) server or peer to provide a time service to other
computers in the network.
An out-of-bounds write flaw was found in the way chrony stored certain
addresses when configuring NTP or cmdmon access. An attacker that has the
command key and is allowed to access cmdmon (only localhost is allowed by
default) could use this flaw to crash chronyd or, possibly, execute
arbitrary code with the privileges of the chronyd process. (CVE-2015-1821)
An uninitialized pointer use flaw was found when allocating memory to save
unacknowledged replies to authenticated command requests. An attacker that
has the command key and is allowed to access cmdmon (only localhost is
allowed by default) could use this flaw to crash chronyd or, possibly,
execute arbitrary code with the privileges of the chronyd process.
(CVE-2015-1822)
A denial of service flaw was found in the way chrony hosts that were
peering with each other authenticated themselves before updating their
internal state variables. An attacker could send packets to one peer host,
which could cascade to other peers, and stop the synchronization process
among the reached peers. (CVE-2015-1853)
These issues were discovered by Miroslav Lichvár of Red Hat.
The chrony packages have been upgraded to upstream version 2.1.1, which
provides a number of bug fixes and enhancements over the previous version.
Notable enhancements include:
* Updated to NTP version 4 (RFC 5905)
* Added pool directive to specify pool of NTP servers
* Added leapsecmode directive to select how to correct clock for leap
second
* Added smoothtime directive to smooth served time and enable leap smear
* Added asynchronous name resolving with POSIX threads
* Ready for year 2036 (next NTP era)
* Improved clock control
* Networking code reworked to open separate client sockets for each NTP
server
(BZ#1117882)
This update also fixes the following bug:
* The chronyd service previously assumed that network interfaces specified
with the "bindaddress" directive were ready when the service was started.
This could cause chronyd to fail to bind an NTP server socket to the
interface if the interface was not ready. With this update, chronyd uses
the IP_FREEBIND socket option, enabling it to bind to an interface later,
not only when the service starts. (BZ#1169353)
In addition, this update adds the following enhancement:
* The chronyd service now supports four modes of handling leap seconds,
configured using the "leapsecmode" option. The clock can be either stepped
by the kernel (the default "system" mode), stepped by chronyd ("step"
mode), slowly adjusted by slewing ("slew" mode), or the leap second can be
ignored and corrected later in normal operation ("ignore" mode). If you
select slewing, the correction will always start at 00:00:00 UTC and will
be applied at a rate specified in the "maxslewrate" option. (BZ#1206504)
All chrony users are advised to upgrade to these updated packages, which
correct these issues and add these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated chrony packages that fix three security issues, several bugs, and\nadd various enhancements are now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The chrony suite, chronyd and chronyc, is an advanced implementation of the\nNetwork Time Protocol (NTP), specially designed to support systems with\nintermittent connections. It can synchronize the system clock with NTP\nservers, hardware reference clocks, and manual input. It can also operate\nas an NTPv4 (RFC 5905) server or peer to provide a time service to other\ncomputers in the network.\n\nAn out-of-bounds write flaw was found in the way chrony stored certain\naddresses when configuring NTP or cmdmon access. An attacker that has the\ncommand key and is allowed to access cmdmon (only localhost is allowed by\ndefault) could use this flaw to crash chronyd or, possibly, execute\narbitrary code with the privileges of the chronyd process. (CVE-2015-1821)\n\nAn uninitialized pointer use flaw was found when allocating memory to save\nunacknowledged replies to authenticated command requests. An attacker that\nhas the command key and is allowed to access cmdmon (only localhost is\nallowed by default) could use this flaw to crash chronyd or, possibly,\nexecute arbitrary code with the privileges of the chronyd process.\n(CVE-2015-1822)\n\nA denial of service flaw was found in the way chrony hosts that were\npeering with each other authenticated themselves before updating their\ninternal state variables. An attacker could send packets to one peer host,\nwhich could cascade to other peers, and stop the synchronization process\namong the reached peers. (CVE-2015-1853)\n\nThese issues were discovered by Miroslav Lichv\u00e1r of Red Hat.\n\nThe chrony packages have been upgraded to upstream version 2.1.1, which\nprovides a number of bug fixes and enhancements over the previous version.\nNotable enhancements include:\n\n* Updated to NTP version 4 (RFC 5905)\n\n* Added pool directive to specify pool of NTP servers\n\n* Added leapsecmode directive to select how to correct clock for leap\nsecond\n\n* Added smoothtime directive to smooth served time and enable leap smear\n\n* Added asynchronous name resolving with POSIX threads\n\n* Ready for year 2036 (next NTP era)\n\n* Improved clock control\n\n* Networking code reworked to open separate client sockets for each NTP\nserver\n\n(BZ#1117882)\n\nThis update also fixes the following bug:\n\n* The chronyd service previously assumed that network interfaces specified\nwith the \"bindaddress\" directive were ready when the service was started.\nThis could cause chronyd to fail to bind an NTP server socket to the\ninterface if the interface was not ready. With this update, chronyd uses\nthe IP_FREEBIND socket option, enabling it to bind to an interface later,\nnot only when the service starts. (BZ#1169353)\n\nIn addition, this update adds the following enhancement:\n\n* The chronyd service now supports four modes of handling leap seconds,\nconfigured using the \"leapsecmode\" option. The clock can be either stepped\nby the kernel (the default \"system\" mode), stepped by chronyd (\"step\"\nmode), slowly adjusted by slewing (\"slew\" mode), or the leap second can be\nignored and corrected later in normal operation (\"ignore\" mode). If you\nselect slewing, the correction will always start at 00:00:00 UTC and will\nbe applied at a rate specified in the \"maxslewrate\" option. (BZ#1206504)\n\nAll chrony users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2015:2241",
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1117882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1117882"
},
{
"category": "external",
"summary": "1169353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169353"
},
{
"category": "external",
"summary": "1206504",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1206504"
},
{
"category": "external",
"summary": "1209568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209568"
},
{
"category": "external",
"summary": "1209572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209572"
},
{
"category": "external",
"summary": "1209631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209631"
},
{
"category": "external",
"summary": "1209632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209632"
},
{
"category": "external",
"summary": "1211600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211600"
},
{
"category": "external",
"summary": "1219492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1219492"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2241.json"
}
],
"title": "Red Hat Security Advisory: chrony security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T17:54:08+00:00",
"generator": {
"date": "2025-11-21T17:54:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2015:2241",
"initial_release_date": "2015-11-19T03:59:36+00:00",
"revision_history": [
{
"date": "2015-11-19T03:59:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2015-11-19T03:59:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:54:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.ppc64",
"product": {
"name": "chrony-0:2.1.1-1.el7.ppc64",
"product_id": "chrony-0:2.1.1-1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.x86_64",
"product": {
"name": "chrony-0:2.1.1-1.el7.x86_64",
"product_id": "chrony-0:2.1.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.aarch64",
"product": {
"name": "chrony-0:2.1.1-1.el7.aarch64",
"product_id": "chrony-0:2.1.1-1.el7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.ppc64le",
"product": {
"name": "chrony-0:2.1.1-1.el7.ppc64le",
"product_id": "chrony-0:2.1.1-1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.src",
"product": {
"name": "chrony-0:2.1.1-1.el7.src",
"product_id": "chrony-0:2.1.1-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"product": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"product_id": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony-debuginfo@2.1.1-1.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "chrony-0:2.1.1-1.el7.s390x",
"product": {
"name": "chrony-0:2.1.1-1.el7.s390x",
"product_id": "chrony-0:2.1.1-1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/chrony@2.1.1-1.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.src"
},
"product_reference": "chrony-0:2.1.1-1.el7.src",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.s390x",
"relates_to_product_reference": "7Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chrony-debuginfo-0:2.1.1-1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
},
"product_reference": "chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"relates_to_product_reference": "7Workstation"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Miroslav Lichv\u00e1r"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-1821",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2015-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1209631"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the way Chrony stored certain addresses when configuring NTP or cmdmon access. An attacker that has the command key and is allowed to access cmdmon (only localhost is allowed by default) could use this flaw to crash chronyd or, possibly, execute arbitrary code with the privileges of the chronyd process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chrony: Heap out of bound write in address filter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-1821"
},
{
"category": "external",
"summary": "RHBZ#1209631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-1821",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1821"
}
],
"release_date": "2015-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chrony: Heap out of bound write in address filter"
},
{
"acknowledgments": [
{
"names": [
"Miroslav Lichv\u00e1r"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-1822",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2015-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1209632"
}
],
"notes": [
{
"category": "description",
"text": "An uninitialized pointer use flaw was found when allocating memory to save unacknowledged replies to authenticated command requests. An attacker that has the command key and is allowed to access cmdmon (only localhost is allowed by default) could use this flaw to crash chronyd or, possibly, execute arbitrary code with the privileges of the chronyd process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chrony: uninitialized pointer in cmdmon reply slots",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-1822"
},
{
"category": "external",
"summary": "RHBZ#1209632",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209632"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-1822",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1822"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1822",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1822"
}
],
"release_date": "2015-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chrony: uninitialized pointer in cmdmon reply slots"
},
{
"acknowledgments": [
{
"names": [
"Miroslav Lichv\u00e1r"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-1853",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2015-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1209572"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in the way chrony hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chrony: authentication doesn\u0027t protect symmetric associations against DoS attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-1853"
},
{
"category": "external",
"summary": "RHBZ#1209572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1209572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-1853",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1853"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1853",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1853"
}
],
"release_date": "2015-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2015-11-19T03:59:36+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2015:2241"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Client:chrony-0:2.1.1-1.el7.aarch64",
"7Client:chrony-0:2.1.1-1.el7.ppc64",
"7Client:chrony-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-0:2.1.1-1.el7.s390x",
"7Client:chrony-0:2.1.1-1.el7.src",
"7Client:chrony-0:2.1.1-1.el7.x86_64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Client:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-0:2.1.1-1.el7.src",
"7ComputeNode:chrony-0:2.1.1-1.el7.x86_64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7ComputeNode:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Server:chrony-0:2.1.1-1.el7.aarch64",
"7Server:chrony-0:2.1.1-1.el7.ppc64",
"7Server:chrony-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-0:2.1.1-1.el7.s390x",
"7Server:chrony-0:2.1.1-1.el7.src",
"7Server:chrony-0:2.1.1-1.el7.x86_64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Server:chrony-debuginfo-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-0:2.1.1-1.el7.src",
"7Workstation:chrony-0:2.1.1-1.el7.x86_64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.aarch64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.ppc64le",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.s390x",
"7Workstation:chrony-debuginfo-0:2.1.1-1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "chrony: authentication doesn\u0027t protect symmetric associations against DoS attacks"
}
]
}
GSD-2015-1821
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-1821",
"description": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.",
"id": "GSD-2015-1821",
"references": [
"https://www.suse.com/security/cve/CVE-2015-1821.html",
"https://www.debian.org/security/2015/dsa-3222",
"https://access.redhat.com/errata/RHSA-2015:2241",
"https://advisories.mageia.org/CVE-2015-1821.html",
"https://alas.aws.amazon.com/cve/html/CVE-2015-1821.html",
"https://linux.oracle.com/cve/CVE-2015-1821.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-1821"
],
"details": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.",
"id": "GSD-2015-1821",
"modified": "2023-12-13T01:20:05.083875Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "MISC",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html",
"refsource": "MISC",
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"name": "http://www.debian.org/security/2015/dsa-3222",
"refsource": "MISC",
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "http://www.securityfocus.com/bid/73955",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/73955"
},
{
"name": "https://security.gentoo.org/glsa/201507-01",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/201507-01"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:tuxfamily:chrony:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.31",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1821"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)",
"refsource": "MLIST",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"
},
{
"name": "DSA-3222",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2015/dsa-3222"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "73955",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/73955"
},
{
"name": "GLSA-201507-01",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201507-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2023-02-13T00:47Z",
"publishedDate": "2015-04-16T14:59Z"
}
}
}
CNVD-2015-02696
Vulnerability from cnvd - Published: 2015-04-24
VLAI Severity ?
Title
chrony堆缓冲区溢出漏洞
Description
chrony是软件开发者Richard Curnow所研发的一套用于维护计算机系统时钟精度的工具。该工具包含chronyd(在系统后台运行的守护进程)和chronyc(用来监控chronyd性能和配置其参数的用户界面)程序。
chrony 1.31.1之前版本存在堆缓冲区溢出漏洞。当程序配置NTP或cmdmon访问控制权限时,远程攻击者可借助特定的地址/子网掩码(address/subnet)对利用该漏洞造成拒绝服务(chronyd崩溃),或执行任意代码。
Severity
中
Formal description
目前没有详细解决方案提供: http://chrony.tuxfamily.org/index.html
Reference
http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html
Impacted products
| Name | Chrony Chrony <1.31.1 |
|---|
{
"bids": {
"bid": {
"bidNumber": "73955"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2015-1821"
}
},
"description": "chrony\u662f\u8f6f\u4ef6\u5f00\u53d1\u8005Richard Curnow\u6240\u7814\u53d1\u7684\u4e00\u5957\u7528\u4e8e\u7ef4\u62a4\u8ba1\u7b97\u673a\u7cfb\u7edf\u65f6\u949f\u7cbe\u5ea6\u7684\u5de5\u5177\u3002\u8be5\u5de5\u5177\u5305\u542bchronyd\uff08\u5728\u7cfb\u7edf\u540e\u53f0\u8fd0\u884c\u7684\u5b88\u62a4\u8fdb\u7a0b\uff09\u548cchronyc\uff08\u7528\u6765\u76d1\u63a7chronyd\u6027\u80fd\u548c\u914d\u7f6e\u5176\u53c2\u6570\u7684\u7528\u6237\u754c\u9762\uff09\u7a0b\u5e8f\u3002\r\n\r\nchrony 1.31.1\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u5f53\u7a0b\u5e8f\u914d\u7f6eNTP\u6216cmdmon\u8bbf\u95ee\u63a7\u5236\u6743\u9650\u65f6\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5b9a\u7684\u5730\u5740/\u5b50\u7f51\u63a9\u7801\uff08address/subnet\uff09\u5bf9\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08chronyd\u5d29\u6e83\uff09\uff0c\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"discovererName": "Miroslav Lichv\u0026aacute;r of Red Hat",
"formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttp://chrony.tuxfamily.org/index.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-02696",
"openTime": "2015-04-24",
"products": {
"product": "Chrony Chrony \u003c1.31.1"
},
"referenceLink": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html",
"serverity": "\u4e2d",
"submitTime": "2015-04-23",
"title": "chrony\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…