CVE 2015-8138
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
Related bugs and status
CVE-2015-8138 (Candidate) is related to these bugs:
Bug #1528050: NTP statsdir cleanup cronjob insecure
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1528050 | NTP statsdir cleanup cronjob insecure | ntp (Ubuntu) | Undecided | Fix Released | ||
| 1528050 | NTP statsdir cleanup cronjob insecure | ntp (Ubuntu Wily) | Undecided | Won't Fix | ||
| 1528050 | NTP statsdir cleanup cronjob insecure | ntp (Ubuntu Xenial) | Undecided | Fix Released | ||
Bug #1567540: ntpd crashed with SIGABRT (was: ntp crashes everytime the network goes up or down.)
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1567540 | ntpd crashed with SIGABRT (was: ntp crashes everytime the network goes up or down.) | ntp (Ubuntu) | High | Fix Released | ||
| 1567540 | ntpd crashed with SIGABRT (was: ntp crashes everytime the network goes up or down.) | NTP | High | Fix Released | ||
| 1567540 | ntpd crashed with SIGABRT (was: ntp crashes everytime the network goes up or down.) | ntp (Ubuntu Xenial) | High | Fix Released | ||
Bug #1582767: apparmor permissions missing for winbind
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1582767 | apparmor permissions missing for winbind | ntp (Ubuntu) | Medium | Fix Released | ||
| 1582767 | apparmor permissions missing for winbind | ntp (Ubuntu Xenial) | Undecided | Won't Fix | ||
| 1582767 | apparmor permissions missing for winbind | ntp (Debian) | Unknown | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
