VDB
GCVE-110-MAGEIA-2014-52
GCVE-110-MAGEIA-2014-52
Advisory Published
Updated chrony package fixes security vulnerability:
In the chrony control protocol some replies are significantly larger than
their requests, which allows an attacker to use it in an amplification
attack (CVE-2014-0021).
Note: in the default configuration, cmdallow is restricted to localhost,
so significant amplification is only possible if the configuration has
been changed to allow cmdallow from other hosts. Even from hosts whose
access is denied, minor amplification is still possible.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | upower | 0 (affected), 0.9.23-1.1.mga4 (unaffected) | — |
| Mageia | chrony | 0 (affected), 1.29.1-1.mga4 (unaffected), 0 (affected), 1.29.1-1.mga4 (unaffected) | — |
References
Browse GCVE Records
73,685 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.