Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 658576 (CVE-2018-12327) - <net-misc/ntp-4.2.8_p12: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution (CVE-2018-12327)
Summary: <net-misc/ntp-4.2.8_p12: Stack-based buffer overflow in ntpq and ntpdc allows...
Status: RESOLVED FIXED
Alias: CVE-2018-12327
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://gist.github.com/fakhrizulkifl...
Whiteboard: A2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-20 15:24 UTC by Florian Schuhmacher
Modified: 2019-03-19 03:21 UTC (History)
1 user (show)

See Also:
Package list:
net-misc/ntp-4.2.8_p12
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Schuhmacher 2018-06-20 15:24:24 UTC
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source. 

Gentoo Security Scout
Florian Schuhmacher
Comment 1 D'juan McDonald (domhnall) 2018-12-18 00:18:36 UTC
upstream reference: http://support.ntp.org/bin/view/Main/NtpBug3505
Comment 2 Thomas Deutschmann gentoo-dev Security 2018-12-18 00:21:55 UTC
Note: This problem affects only command line tools and not the server. As these command line tools are usually not run with attacker input A2 is probably overrated.
Comment 3 Rolf Eike Beer 2018-12-19 05:58:55 UTC
sparc stable
Comment 4 Thomas Deutschmann gentoo-dev Security 2018-12-20 01:30:10 UTC
x86 stable
Comment 5 Matt Turner gentoo-dev 2018-12-23 03:20:46 UTC
alpha stable
Comment 6 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-12-23 12:25:51 UTC
amd64 stable
Comment 7 Sergei Trofimovich gentoo-dev 2018-12-26 11:05:12 UTC
ia64 stable
Comment 8 Sergei Trofimovich gentoo-dev 2018-12-26 11:06:42 UTC
If you want faster stabilization next time please consider fixing testsuite on platforms that don't support -Wl,gc-sections (has a reproducer for amd64):
    https://bugs.gentoo.org/564018#c11
Comment 9 Sergei Trofimovich gentoo-dev 2018-12-26 14:02:30 UTC
ppc64 stable
Comment 10 Sergei Trofimovich gentoo-dev 2018-12-26 14:03:05 UTC
ppc stable
Comment 11 Markus Meier gentoo-dev 2019-01-02 12:13:36 UTC
arm stable
Comment 12 Sergei Trofimovich gentoo-dev 2019-01-03 18:58:49 UTC
hppa stable
Comment 13 Mart Raudsepp gentoo-dev 2019-01-04 00:47:05 UTC
arm64 stable
Comment 14 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2019-01-04 10:02:28 UTC
base-system is done here
Comment 15 Lars Wendler (Polynomial-C) gentoo-dev 2019-01-04 10:21:18 UTC
(In reply to Mikle Kolyada from comment #14)
> base-system is done here

And yet it's still a base-sysdtem package, so I'd like to keep b-s in CC.
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2019-03-19 03:21:37 UTC
This issue was resolved and addressed in
 GLSA 201903-15 at https://security.gentoo.org/glsa/201903-15
by GLSA coordinator Aaron Bauman (b-man).