VDB
GCVE-110-MAGEIA-2015-63
GCVE-110-MAGEIA-2015-63
Advisory Published
Updated ntp packages fix security vulnerabilities:
Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE
Security Team and Harlan Stenn of Network Time Foundation discovered that the
length value in extension fields is not properly validated in several code
paths in ntp_crypto.c, which could lead to information leakage or denial of
service (CVE-2014-9297).
Stephen Roettger of the Google Security Team reported that ACLs based on IPv6
::1 (localhost) addresses can be bypassed (CVE-2014-9298).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | nautilus | 3.14.2-1.1.mga5 (unaffected), 0 (affected) | — |
| Mageia | ntp | 0 (affected), * (unaffected), 0 (affected), 4.2.6p5-15.3.mga4 (unaffected) | — |
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.