729458 – (CVE-2020-15025) <net-misc/ntp-4.2.8_p15: Memory leak allowing denial of service (CVE-2020-15025)

Bug 729458 (CVE-2020-15025) - <net-misc/ntp-4.2.8_p15: Memory leak allowing denial of service (CVE-2020-15025)

Summary: <net-misc/ntp-4.2.8_p15: Memory leak allowing denial of service (CVE-2020-15025)

Status:	RESOLVED FIXED

Alias:	CVE-2020-15025

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:	https://support.ntp.org/bin/view/Main...
Whiteboard:	A3 [glsa+ cve]
Keywords:

Depends on:
Blocks:

Reported:	2020-06-24 15:33 UTC by Sam James
Modified:	2022-07-29 09:57 UTC (History)
CC List:	2 users (show)

See Also:	CVE-2020-11868, CVE-2020-13817
Package list:	net-misc/ntp-4.2.8_p15
Runtime testing required:	---

Flags:	nattka: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sam James archtester

2020-06-24 15:33:53 UTC

Description:
"MEDIUM: Sec 3661: Memory leak with CMAC keys

    Systems that use a CMAC algorithm in ntp.keys will not release a bit of memory on each packet that uses a CMAC key, eventually causing ntpd to run out of memory and fail. The CMAC cleanup from https://bugs.ntp.org/3447, part of ntp-4.2.8p11 and ntp-4.3.97, introduced a bug whereby the CMAC data structure was no longer completely removed.
    Reported by Martin Burnicki of Meinberg."

Comment 1 Sam James archtester

2020-06-24 15:36:24 UTC

Please tell us when ready to stable.

Comment 2 Rolf Eike Beer archtester

2020-07-03 20:12:15 UTC

sparc stable

Comment 3 Sam James archtester

2020-07-04 12:58:42 UTC

arm64 stable

Comment 4 Agostino Sarubbo gentoo-dev

2020-07-05 13:36:39 UTC

amd64 stable

Comment 5 Agostino Sarubbo gentoo-dev

2020-07-05 13:38:32 UTC

arm stable

Comment 6 Agostino Sarubbo gentoo-dev

2020-07-05 13:41:31 UTC

s390 stable

Comment 7 Agostino Sarubbo gentoo-dev

2020-07-05 13:45:27 UTC

x86 stable

Comment 8 Rolf Eike Beer archtester

2020-07-06 16:52:07 UTC

hppa stable

Comment 9 Sam James archtester

2020-07-12 02:41:30 UTC

ppc stable

Comment 10 Sam James archtester

2020-07-17 10:30:40 UTC

ppc64 stable

----
Please cleanup.

Comment 11 GLSAMaker/CVETool Bot gentoo-dev

2020-07-26 23:45:11 UTC

This issue was resolved and addressed in
 GLSA 202007-12 at https://security.gentoo.org/glsa/202007-12
by GLSA coordinator Sam James (sam_c).

Comment 12 Sam James archtester

2020-07-27 01:14:25 UTC

(In reply to GLSAMaker/CVETool Bot from comment #11)
> This issue was resolved and addressed in
>  GLSA 202007-12 at https://security.gentoo.org/glsa/202007-12
> by GLSA coordinator Sam James (sam_c).

Reopening for cleanup.

Comment 13 Larry the Git Cow gentoo-dev

2020-07-27 19:02:36 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2c65d47e903eb2c2b3792563530b12b2321bdc38

commit 2c65d47e903eb2c2b3792563530b12b2321bdc38
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2020-07-27 18:56:04 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2020-07-27 19:02:30 +0000

    net-misc/ntp: Security cleanup
    
    Bug: https://bugs.gentoo.org/729458
    Package-Manager: Portage-3.0.1, Repoman-2.3.23
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-misc/ntp/Manifest                              |   2 -
 .../ntp/files/ntp-4.2.8-gcc10-fno-common.patch     |  22 ----
 net-misc/ntp/ntp-4.2.8_p14-r2.ebuild               | 145 ---------------------
 3 files changed, 169 deletions(-)

Comment 14 Sam James archtester

2020-07-27 19:05:32 UTC

All done, thanks!