Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-1822HistoryApr 16, 2015 - 2:59 p.m.
CVE-2015-1822
2015-04-1614:59:03
Debian Security Bug Tracker
security-tracker.debian.org
7
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.4%
chrony before 1.31.1 does not initialize the last “next” pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | chrony | < 1.30-2 | chrony_1.30-2_all.deb |
| Debian | 11 | all | chrony | < 1.30-2 | chrony_1.30-2_all.deb |
| Debian | 999 | all | chrony | < 1.30-2 | chrony_1.30-2_all.deb |
| Debian | 13 | all | chrony | < 1.30-2 | chrony_1.30-2_all.deb |
Related
nvd
nvd
CVE-2015-1822
2015-04-16 14:59:03
prion
prion
Design/Logic Flaw
2015-04-16 14:59:00
ubuntucve
ubuntucve
CVE-2015-1822
2015-04-16 00:00:00
cve
cve
CVE-2015-1822
2015-04-16 14:59:03
cvelist
cvelist
CVE-2015-1822
2015-04-16 14:00:00
nessus
nessus
Fedora 20 : chrony-1.31.1-1.fc20 (2015-5809)
2015-04-27 00:00:00
CentOS 7 : chrony (CESA-2015:2241)
2015-12-02 00:00:00
Scientific Linux Security Update : chrony on SL7.x x86_64 (20151119)
2015-12-22 00:00:00
debian
debian
[SECURITY] [DLA 193-1] chrony security update
2015-04-12 15:41:11
[SECURITY] [DSA 3222-1] chrony security update
2015-04-12 15:34:48
openvas
openvas
Debian: Security Advisory (DLA-193-1)
2023-03-08 00:00:00
Oracle: Security Advisory (ELSA-2015-2241)
2015-11-24 00:00:00
Debian Security Advisory DSA 3222-1 (chrony - security update)
2015-04-12 00:00:00
securityvulns
securityvulns
chrony multiple security vulnerabilities
2015-04-17 00:00:00
[SECURITY] [DSA 3222-1] chrony security update
2015-04-17 00:00:00
osv
osv
chrony - security update
2015-04-12 00:00:00
chrony - security update
2015-04-12 00:00:00
redhat
redhat
(RHSA-2015:2241) Moderate: chrony security, bug fix, and enhancement update
2015-11-19 14:42:40
centos
centos
chrony security update
2015-11-30 19:24:37
freebsd
freebsd
chrony -- multiple vulnerabilities
2015-02-17 00:00:00
amazon
amazon
Medium: chrony
2015-06-02 22:25:00
fedora
fedora
[SECURITY] Fedora 22 Update: chrony-2.0-0.3.pre2.fc22
2015-04-22 22:43:07
[SECURITY] Fedora 21 Update: chrony-1.31.1-1.fc21
2015-04-22 22:53:53
[SECURITY] Fedora 20 Update: chrony-1.31.1-1.fc20
2015-04-24 22:50:08
mageia
mageia
Updated chrony packages fix security vulnerabilities
2015-04-24 00:14:25
oraclelinux
oraclelinux
chrony security, bug fix, and enhancement update
2015-11-23 00:00:00
gentoo
gentoo
chrony: Multiple vulnerabilities
2015-07-05 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.4%
Related for DEBIANCVE:CVE-2015-1822