CVE-2018-7183: Out-of-bounds Write in Ubuntu Linux

Severity
9.8 CRITICAL (NVD)
OSV: 7.5
EPSS: 32.0% (top 3.17%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Mar 8
Latest update: May 13

Description

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (3 packages)

Debian: ntp/ntp < 1:4.2.8p11+dfsg-1
Ubuntu: ntp/ntp < 1:4.2.6.p5+dfsg-3ubuntu2.14.04.13+2
NVD: ntp/ntp 4.2.8

Also affects: FreeBSD 10.3, 10.4, 11.1, Ubuntu Linux 12.04, 14.04, 16.04, 17.10, 18.04

🔴Vulnerability Details (4)

GHSA: GHSA-9429-whv8-4h3p: Buffer overflow in the decodearr function in ntpq in ntp 4 (2022-05-13)
OSV: ntp vulnerabilities (2018-07-09)
OSV: CVE-2018-7183: Buffer overflow in the decodearr function in ntpq in ntp 4 (2018-03-08)
CVEList: CVE-2018-7183: Buffer overflow in the decodearr function in ntpq in ntp 4 (2018-03-08)

📋Vendor Advisories (6)

Oracle: Oracle Oracle Systems Risk Matrix: XCP Firmware (NTP) — CVE-2018-7183 (2021-07-15)
Ubuntu: NTP vulnerabilities (2019-01-23)
Ubuntu: NTP vulnerabilities (2018-07-09)
BSD: FreeBSD-SA-18:02.ntp: Multiple vulnerabilities of ntp (2018-03-07)
Red Hat: ntp: decodearr() can write beyond its buffer limit (2018-02-27)

💬Community (2)

Bugzilla: CVE-2018-7170 CVE-2018-7182 CVE-2018-7183 CVE-2018-7184 CVE-2018-7185 ntp: various flaws [fedora-all] (2018-02-28)
Bugzilla: CVE-2018-7183 ntp: decodearr() can write beyond its buffer limit (2018-02-28)