CVE-2021-22212 — Use of a Broken or Risky Cryptographic Algorithm in Ntpsec

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm4 documents4 sources

Severity

7.4HIGHNVD

EPSS

0.1%

top 67.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ntpsec Debian Ntpsec Fedoraproject Fedora

Timeline

PublishedJun 8

Latest updateMay 24

Description

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the '#'. This results in the administrator not being able to use the keys as expected or the keys are shorter than expected and easier to brute-force, possibly resulting in MITM attacks between ntp clients and ntp servers. For short AES128 keys, ntpd g…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages4 packages

▶debiandebian/ntpsec< ntpsec 1.2.0+dfsg1-4 (bookworm)

▶Debianntpsec/ntpsec< 1.2.0+dfsg1-4+3

▶CVEListV5ntpsec/ntpsec=1.2.0

▶NVDntpsec/ntpsec1.2.0

Also affects: Fedora 34

Patches

Patch: bugzilla.redhat.com ↗Patch: gitlab.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-57r9-f9gp-9f2x: ntpkeygen can generate keys that ntpd fails to parse↗2022-05-24

▶

OSV

CVE-2021-22212: ntpkeygen can generate keys that ntpd fails to parse↗2021-06-08

▶

📋Vendor Advisories

Debian

CVE-2021-22212: ntpsec - ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkey...↗2021

▶