Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2015-1853

created 1 month ago

chrony before 1.31.1 does not properly protect state variables in …

chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.

References

https://security.gentoo.org/glsa/201507-01 x_refsource_MISC
http://chrony.tuxfamily.org/News.html x_refsource_MISC
https://security.gentoo.org/glsa/201507-01 x_refsource_MISC x_transferred
http://chrony.tuxfamily.org/News.html x_refsource_MISC x_transferred
https://security.gentoo.org/glsa/201507-01 x_refsource_MISC
http://chrony.tuxfamily.org/News.html x_refsource_MISC
https://security.gentoo.org/glsa/201507-01 x_refsource_MISC x_transferred
http://chrony.tuxfamily.org/News.html x_refsource_MISC x_transferred

Affected products

chrony

==before 1.31.1

Matching in nixpkgs

pkgs.chrony

Sets your computer's clock from time servers on the Net

nixos-unstable 4.8
- nixpkgs-unstable 4.8
- nixos-unstable-small 4.8
nixos-25.11 4.8
- nixos-25.11-small 4.8
- nixpkgs-25.11-darwin 4.8

pkgs.synchrony

Simple deobfuscator for mangled or obfuscated JavaScript files

nixos-unstable 2.4.5
- nixpkgs-unstable 2.4.5
- nixos-unstable-small 2.4.5
nixos-25.11 2.4.5
- nixos-25.11-small 2.4.5
- nixpkgs-25.11-darwin 2.4.5

pkgs.prometheus-chrony-exporter

Prometheus exporter for the chrony NTP service

nixos-unstable 0.12.3
- nixpkgs-unstable 0.12.3
- nixos-unstable-small 0.12.3
nixos-25.11 0.12.2
- nixos-25.11-small 0.12.2
- nixpkgs-25.11-darwin 0.12.2

Package maintainers

@fpletz Franz Pletz <fpletz@fnordicwalking.de>
@vifino Adrian Pistol <vifino@tty.sh>
@thoughtpolice Austin Seipp <aseipp@pobox.com>
@paepckehh Michael Paepcke <git@paepcke.de>
@pluiedev Leah Amelia Chen <hi@pluie.me>