NetworkTimeFoundation NTP CVE-2020-15025 Denial of Service Vulnerability
Description
Systems that use a CMAC algorithm in ntp.keys will not release a bit of memory on each packet that uses a CMAC keyid, eventually causing ntpd to run out of memory and fail. The CMAC cleanup part of ntp-4.2.8p11, introduced a bug whereby the CMAC data structure was no longer completely removed.
Affected Applications
NTP