CNNVD-202508-3493 Information
CNNVD ID
CNNVD-202508-3493
Related CVE
- CNNVD Published: 2025-08-29
Description (Chinese)
ntpd-rs是Project Pendulum开源的一款用于同步计算机时钟的工具,可实现 NTP 和 NTS 协议。 ntpd-rs 1.2.0至1.6.1版本存在安全漏洞,该漏洞源于允许非NTS流量,可能导致拒绝服务攻击。
Description (English)
ntpd-rs is a tool for synchronizing computer clocks for the Project Pendulum open source, enabling NTP and NTS protocols. There is a security loophole in versions 1.2.0 to 1.6.1 of ntpd-rs, which stems from allowing non-NTS traffic and may lead to denial of service attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Project Pendulum
Published
2025-08-29
Last Modified
2026-02-24
References
https://github.com/pendulum-project/ntpd-rs/security/advisories/GHSA-4855-q42w-5vr4 https://github.com/pendulum-project/ntpd-rs/commit/da37cf167736cbd4d7804b1ed7ceb572468298e0 https://nvd.nist.gov/vuln/detail/CVE-2025-58066 https://vigilance.fr/vulnerability/ntpd-rs-overload-via-Message-Storm-48359
Patch
https://github.com/pendulum-project/ntpd-rs/releases
Share on: