CVE-2015-5219

Public on 2015-09-02
Modified on 2016-02-09
Description

It was discovered that the sntp utility could become unresponsive due to being caught in an infinite loop when processing a crafted NTP packet.

Severity
Low
See what this means
CVSS v3 Base Score
3.3
See breakdown

Affected Packages

Platform Package Release Date Advisory
Amazon Linux 1 ntp 2015-09-02 12:00 ALAS-2015-593

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 3.3 AV:A/AC:L/Au:N/C:N/I:N/A:P
NVD CVSSv2 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P
NVD CVSSv3 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Red Hat: CVE-2015-5219 Mitre: CVE-2015-5219 FAQs regarding Amazon Linux ALAS/CVE Severity