Tweedegolf Ntpd-Rs vulnerabilities

CVE-2026-26076 [MEDIUM] CWE-770 CVE-2026-26076: ntpd-rs is a full-featured implementation of the Network Time Protocol. Prior to 1.7.1, an attacker ntpd-rs is a full-featured implementation of the Network Time Protocol. Prior to 1.7.1, an attacker can remotely induce moderate increases (2-4 times above normal) in cpu usage. When having NTS enabled on an ntpd-rs server, an attacker can create malformed NTS packets that take significantly more effort for the server to respond to by requesting a la

CVE-2023-33192 [HIGH] CWE-130 CVE-2023-33192: ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookie ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookies in received NTP packets to the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The server also crashes when it is not configured to handle NTS packets. The is