[ntp:security] [Bug 1331] DoS with mode 7 packets (CVE-2009-3563)

Danny Mayer mayer at ntp.org
Thu Oct 8 03:16:32 UTC 2009


After review of the rate-limited logging that was suggested I have
concluded that it would be a potential problem dealing with the
"current_time" variable which has not been declared volatile and has no
locks around it for potential problems with multiple access and changes.
This kind of logging should be left to a regular release of the code
when there is time to ensure that the time used to check for
rate-limiting is atomically retrieved.

Danny

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the security mailing list