ALAS-2024-2396

Amazon Linux 2 Security Advisory: ALAS-2024-2396
Advisory Release Date: 2024-01-03 21:04 Pacific
Advisory Updated Date: 2024-02-15 03:52 Pacific
Severity: Medium
Issue Overview:

2024-02-15: CVE-2023-26555 was added to this advisory.

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. (CVE-2023-26551)

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. (CVE-2023-26552)

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. (CVE-2023-26553)

mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. (CVE-2023-26554)

praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver. (CVE-2023-26555)


Affected Packages:

ntp


Note:

This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.


Issue Correction:
Run yum update ntp to update your system.

New Packages:
aarch64:
    ntp-4.2.8p15-3.amzn2.0.7.aarch64
    ntpdate-4.2.8p15-3.amzn2.0.7.aarch64
    sntp-4.2.8p15-3.amzn2.0.7.aarch64
    ntp-debuginfo-4.2.8p15-3.amzn2.0.7.aarch64

i686:
    ntp-4.2.8p15-3.amzn2.0.7.i686
    ntpdate-4.2.8p15-3.amzn2.0.7.i686
    sntp-4.2.8p15-3.amzn2.0.7.i686
    ntp-debuginfo-4.2.8p15-3.amzn2.0.7.i686

noarch:
    ntp-perl-4.2.8p15-3.amzn2.0.7.noarch
    ntp-doc-4.2.8p15-3.amzn2.0.7.noarch

src:
    ntp-4.2.8p15-3.amzn2.0.7.src

x86_64:
    ntp-4.2.8p15-3.amzn2.0.7.x86_64
    ntpdate-4.2.8p15-3.amzn2.0.7.x86_64
    sntp-4.2.8p15-3.amzn2.0.7.x86_64
    ntp-debuginfo-4.2.8p15-3.amzn2.0.7.x86_64

Additional References

Red Hat: CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26555

Mitre: CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, CVE-2023-26555