NULL pointer dereference in ntpsec (Alpine package)



Published: 2019-02-09
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-6445
CWE-ID CWE-476
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		ntpsec (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) NULL pointer dereference

EUVDB-ID: #VU17184

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-6445

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: Yes

Description

The vulnerability allows a remote authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote authenticated attacker can trigger NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

ntpsec (Alpine package): 1.1.1-r0 - 1.1.1-r2

External links

http://git.alpinelinux.org/aports/commit/?id=7de1824a4c87d4bc784f18f0dd977a556e8aa641
http://git.alpinelinux.org/aports/commit/?id=8b9f93d5463c700e366a766c9d46cc26d6a14d0c
http://git.alpinelinux.org/aports/commit/?id=6e65ec77c34fcea98b3b7fbef8cb62d3b6dae0d3


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###