CVE-2014-9298

Publication date 5 February 2015

Last updated 4 August 2025

Ubuntu priority

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ntp	14.10 utopic	Fixed 1:4.2.6.p5+dfsg-3ubuntu2.14.10.2
	14.04 LTS trusty	Fixed 1:4.2.6.p5+dfsg-3ubuntu2.14.04.2
	12.04 LTS precise	Fixed 1:4.2.6.p3+dfsg-1ubuntu3.3
	10.04 LTS lucid	Fixed 1:4.2.4p8+dfsg-1ubuntu2.3

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
ntp	Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=54922b65gDSbE4G7c3JjkuK1Tv33qQ Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5492d2879rotbnnuVch_ZC3RAfS8AA Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5493f333hALqPcXLR4-76bC6j-16xQ Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5496213frLaEz5PHLZVhuYjM7Lalkw Upstream: http://bk1.ntp.org/ntp-stable/ntpd/ntp_io.c?PAGE=diffs&REV=54a0f621LdfQSkkWKUKN6PaFbH25_Q Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=54c2228bpOp4_zrX9aGXdMEZJEGzkg Vendor: https://www.debian.org/security/2015/dsa-3154

Package

Patch details

ntp

Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=54922b65gDSbE4G7c3JjkuK1Tv33qQ
Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5492d2879rotbnnuVch_ZC3RAfS8AA
Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5493f333hALqPcXLR4-76bC6j-16xQ
Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=5496213frLaEz5PHLZVhuYjM7Lalkw
Upstream: http://bk1.ntp.org/ntp-stable/ntpd/ntp_io.c?PAGE=diffs&REV=54a0f621LdfQSkkWKUKN6PaFbH25_Q
Upstream: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=54c2228bpOp4_zrX9aGXdMEZJEGzkg
Vendor: https://www.debian.org/security/2015/dsa-3154

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2497-1
NTP vulnerabilities
9 February 2015

Other references

http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so
https://www.cve.org/CVERecord?id=CVE-2014-9298