NetworkTimeFoundation NTP CVE-2020-15025 Denial of Service Vulnerability

description-logoDescription

Systems that use a CMAC algorithm in ntp.keys will not release a bit of memory on each packet that uses a CMAC keyid, eventually causing ntpd to run out of memory and fail. The CMAC cleanup part of ntp-4.2.8p11, introduced a bug whereby the CMAC data structure was no longer completely removed.

affected-products-logoAffected Applications

NTP

CVE References

CVE-2020-15025