-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-14:31.ntp Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in NTP suite
Category: contrib
Module: ntp
Announced: 2014-12-23
Affects: All supported versions of FreeBSD.
Corrected: 2014-12-22 19:07:16 UTC (stable/10, 10.1-STABLE)
2014-12-23 22:56:01 UTC (releng/10.1, 10.1-RELEASE-p3)
2014-12-23 22:55:14 UTC (releng/10.0, 10.0-RELEASE-p15)
2014-12-22 19:08:09 UTC (stable/9, 9.3-STABLE)
2014-12-23 22:54:25 UTC (releng/9.3, 9.3-RELEASE-p7)
2014-12-23 22:53:44 UTC (releng/9.2, 9.2-RELEASE-p17)
2014-12-23 22:53:03 UTC (releng/9.1, 9.1-RELEASE-p24)
2014-12-22 19:08:09 UTC (stable/8, 8.4-STABLE)
2014-12-23 22:52:22 UTC (releng/8.4, 8.4-RELEASE-p21)
CVE Name: CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP)
used to synchronize the time of a computer system to a reference time
source.
II. Problem Description
When no authentication key is set in the configuration file, ntpd(8)
would generate a random key that uses a non-linear additive feedback random
number generator seeded with very few bits of entropy. [CVE-2014-9293]
The ntp-keygen(8) utility is also affected by a similar issue.
[CVE-2014-9294]
When Autokey Authentication is enabled, for example if ntp.conf(5) contains
a 'crypto pw' directive, a remote attacker can send a carefully
crafted packet that can overflow a stack buffer. [CVE-2014-9295]
In ntp_proto.c, the receive() function is missing a return statement in
the case when an error is detected. [CVE-2014-9296]
III. Impact
The NTP protocol uses keys to implement authentication. The weak
seeding of the pseudo-random number generator makes it easier for an
attacker to brute-force keys, and thus may broadcast incorrect time stamps
or masquerade as another time server. [CVE-2014-9293, CVE-2014-9294]
An attacker may be able to utilize the buffer overflow to crash the ntpd(8)
daemon or potentially run arbitrary code with the privileges of the ntpd(8)
process, which is typically root. [CVE-2014-9295]
IV. Workaround
No workaround is available, but systems not running ntpd(8) are not
affected. Because the issue may lead to remote root compromise, the
FreeBSD Security Team recommends system administrators to firewall NTP
ports, namely tcp/123 and udp/123 when it is not clear that all systems
have been patched or have ntpd(8) stopped.
V. Solution
NOTE WELL: It is advisable to regenerate all keys used for NTP
authentication, if configured.
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-14:31/ntp.patch
# fetch https://security.FreeBSD.org/patches/SA-14:31/ntp.patch.asc
# gpg --verify ntp.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
Restart the ntpd(8) daemons, or reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r276073
releng/8.4/ r276154
stable/9/ r276073
releng/9.1/ r276155
releng/9.2/ r276156
releng/9.3/ r276157
stable/10/ r276072
releng/10.0/ r276158
releng/10.1/ r276159
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296>
<URL:https://www.kb.cert.org/vuls/id/852879>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-14:31.ntp.asc>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJUmg71AAoJEO1n7NZdz2rn92YQAOZaX8tHuYv+twEde4xyhe8E
A+h/Isv04xmPTbWK9w9rJoIJ/2qZcVhb8P43KIhxtzFVVjxWbWJsHMod4FC3X1wG
ku8SuBijgkUumFSTZ7IoNxBvZdJrpv9r+do357s4rOpMOAOqzVDyNPLUUZqWdZaT
jXJDCdwWS7c7pExLOq+ziXGkfGUfSlp6jijxmH9qPi5iSmjqE3A2UpUpGbcnclDv
vesQK9Tfk3woNbn4q8iQ6tJJlPsizYWO0EWc4gdESI/WOiPJfpdwPYLINXx+0sKk
4qdHoCmlHucRC6ALnkqj+3JOR1MdPRuYDBZKeKA4d0UgEOllfWHgK8m4SpqJUn7E
zLNKZHSbQxIObYK82rI0zarknMVB8toFeOgqU1yKY0lXd4Z23uGyH2HMFx4oX+2x
K9MNfHeziSZcl3TQzsy4UFItAlVzFqLtDf8t0YA680zgf6RaIOhOQU4EtooDTPpi
iy3CkV0d3AeQwO9UdwpaASWM0GVJ/sRpjvFluxElIKZ9WqWCwUHnhGSbQI8gMuGy
0HfAix4YG46i/4R+Q6pk46SlPCIzMjVKZISrlkhl7j4YoOpp/xS7uI8A4om+vvAc
Q2qPO1Ow+dVZra2QpIshkxYcTi/qVEp1VV1SHBujexQhYRGhk2PkxBBl78QjxGeM
yviSFWqjS+1z3j7jtzG4
=ZLh4
-----END PGP SIGNATURE-----