Bug affecting NTP multicast users on Linux
Tuesday, January 31, 2012 11:09:57 AM
It's the debian bug #654876 (CVE-2012-0207), which was introduced in the Linux kernel version 2.6.36, and affects IPv4 Multicast users. In particular, if you are using NTP multicast on that kernel version or higher, you are affected.
This bug seems easily exploitable in a local network, and may be used for denial of service attacks. Patches are available for Linux 3.0.17, 3.1.9, 3.2.1, with Debian porting it to their kernel package version 3.1.8-2.
For more information, see Ben's technical blog