CVE-2015-1821
chrony - security update
EPSS 2.6%
Description
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.
How to fix CVE-2015-1821
To remediate CVE-2015-1821, upgrade the affected package to a fixed version below.
- Debian/chrony—upgrade to 1.30-2 or later
- Debian/chrony—upgrade to 1.24-3+squeeze2 or later
- —upgrade to 1.24-3.1+deb7u3 or later
Is CVE-2015-1821 being exploited?
Low — EPSS is 2.6%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 1.30-2
- from 0, < 1.24-3+squeeze2
- from 0, < 1.24-3.1+deb7u3