Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tuxfamily Chrony logging的功能拒绝服务攻击漏洞
Vulnerability Description
chrony是软件开发者Richard Curnow所研发的一套用于维护计算机系统时钟精度的工具。该工具包含chronyd(在系统后台运行的守护进程)和chronyc(用来监控chronyd性能和配置其参数的用户界面)程序。 Chrony chronyd 中的客户端的logging的功能,在存储客户端信息时没有限制大量的内存.允许远程攻击者引起拒绝服务攻击(内存崩溃)利用(1)NTP消息或cmdmon数据包.
CVSS Information
N/A
Vulnerability Type
N/A