[ntp:security] [Bug 3661] memory leak with AES128CMAC keys

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Wed Apr 1 14:57:27 UTC 2020


--- Comment #2 from Juergen Perlinger <perlinger at ntp.org> 2020-04-01 14:57:27 UTC ---
Created attachment 1709
  --> https://bugs.ntp.org/attachment.cgi?id=1709
patch against clean 4.2.8.p14

The bug was that CMAC contexts were not 'CMAC_CTX_free()'d, but just cleaned up
internally. That left an orphaned empty hull in NTPD and SNTP for every CMAC

Harlan, the repo is in

Martin, give it a try with the patch if you can.

Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the security mailing list