VDB

GCVE-110-MAGEIA-2014-52

GCVE-110-MAGEIA-2014-52
Advisory Published
Vulnetix · Advisory published February 11, 2014
Updated chrony package fixes security vulnerability: In the chrony control protocol some replies are significantly larger than their requests, which allows an attacker to use it in an amplification attack (CVE-2014-0021). Note: in the default configuration, cmdallow is restricted to localhost, so significant amplification is only possible if the configuration has been changed to allow cmdallow from other hosts. Even from hosts whose access is denied, minor amplification is still possible.

Affected Products

VendorProductVersionsPlatforms
Mageiaupower0 (affected), 0.9.23-1.1.mga4 (unaffected)
Mageiachrony0 (affected), 1.29.1-1.mga4 (unaffected), 0 (affected), 1.29.1-1.mga4 (unaffected)

Browse GCVE Records

73,685 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›