diff options
Diffstat (limited to 'package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch')
| -rw-r--r-- | package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch b/package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch deleted file mode 100644 index 0eb887d23c..0000000000 --- a/package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch +++ /dev/null @@ -1,28 +0,0 @@ -ntpd: respond only to client and symmetric active packets -The busybox NTP implementation doesn't check the NTP mode of packets -received on the server port and responds to any packet with the right -size. This includes responses from another NTP server. An attacker can -send a packet with a spoofed source address in order to create an -infinite loop of responses between two busybox NTP servers. Adding -more packets to the loop increases the traffic between the servers -until one of them has a fully loaded CPU and/or network. - -Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com> -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> - ---- a/networking/ntpd.c -+++ b/networking/ntpd.c -@@ -2051,6 +2051,13 @@ recv_and_process_client_pkt(void /*int f - goto bail; - } - -+ /* Respond only to client and symmetric active packets */ -+ if ((msg.m_status & MODE_MASK) != MODE_CLIENT -+ && (msg.m_status & MODE_MASK) != MODE_SYM_ACT -+ ) { -+ goto bail; -+ } -+ - query_status = msg.m_status; - query_xmttime = msg.m_xmttime; - |