[ntp:security] [Bug 3661] memory leak with AES128CMAC keys
bugzilla-daemon at ntp.org
bugzilla-daemon at ntp.org
Wed Apr 1 14:57:27 UTC 2020
https://bugs.ntp.org/show_bug.cgi?id=3661
--- Comment #2 from Juergen Perlinger <perlinger at ntp.org> 2020-04-01 14:57:27 UTC ---
Created attachment 1709
--> https://bugs.ntp.org/attachment.cgi?id=1709
patch against clean 4.2.8.p14
The bug was that CMAC contexts were not 'CMAC_CTX_free()'d, but just cleaned up
internally. That left an orphaned empty hull in NTPD and SNTP for every CMAC
computation.
Harlan, the repo is in
psp.ntp.org:~perlinger/ntp-stable-3661.
Martin, give it a try with the patch if you can.
--
Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the security
mailing list