CVE-2016-2517

medium

Published 2017-01-30 · Modified 2026-05-13

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

5.3

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v4 NEW

—

not yet in upstream

VIR risk

5.3

Description

NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.

Predictions

Exploit likelihood

63%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact

OS	Version	Status	Fixed in
sles		affected
debian	bullseye	fixed	`1:4.2.8p7+dfsg-1`

Application impact

Vendor	Product	Versions
ntp	ntp	`{"endIncluding":"4.2.8"}`
ntp	ntp	`4.3.0`
ntp	ntp	`4.3.1`
ntp	ntp	`4.3.2`
ntp	ntp	`4.3.3`
ntp	ntp	`4.3.4`
ntp	ntp	`4.3.5`
ntp	ntp	`4.3.6`
ntp	ntp	`4.3.7`
ntp	ntp	`4.3.8`
ntp	ntp	`4.3.9`
ntp	ntp	`4.3.10`
ntp	ntp	`4.3.11`
ntp	ntp	`4.3.12`
ntp	ntp	`4.3.13`
ntp	ntp	`4.3.14`
ntp	ntp	`4.3.15`
ntp	ntp	`4.3.16`
ntp	ntp	`4.3.17`
ntp	ntp	`4.3.18`
ntp	ntp	`4.3.19`
ntp	ntp	`4.3.20`
ntp	ntp	`4.3.21`
ntp	ntp	`4.3.22`
ntp	ntp	`4.3.23`
ntp	ntp	`4.3.24`
ntp	ntp	`4.3.25`
ntp	ntp	`4.3.26`
ntp	ntp	`4.3.27`
ntp	ntp	`4.3.28`
ntp	ntp	`4.3.29`
ntp	ntp	`4.3.30`
ntp	ntp	`4.3.31`
ntp	ntp	`4.3.32`
ntp	ntp	`4.3.33`
ntp	ntp	`4.3.34`
ntp	ntp	`4.3.35`
ntp	ntp	`4.3.36`
ntp	ntp	`4.3.37`
ntp	ntp	`4.3.38`
ntp	ntp	`4.3.39`
ntp	ntp	`4.3.40`
ntp	ntp	`4.3.41`
ntp	ntp	`4.3.42`
ntp	ntp	`4.3.43`
ntp	ntp	`4.3.44`
ntp	ntp	`4.3.45`
ntp	ntp	`4.3.46`
ntp	ntp	`4.3.47`
ntp	ntp	`4.3.48`
ntp	ntp	`4.3.49`
ntp	ntp	`4.3.50`
ntp	ntp	`4.3.51`
ntp	ntp	`4.3.52`
ntp	ntp	`4.3.53`
ntp	ntp	`4.3.54`
ntp	ntp	`4.3.55`
ntp	ntp	`4.3.56`
ntp	ntp	`4.3.57`
ntp	ntp	`4.3.58`
ntp	ntp	`4.3.59`
ntp	ntp	`4.3.60`
ntp	ntp	`4.3.61`
ntp	ntp	`4.3.62`
ntp	ntp	`4.3.63`
ntp	ntp	`4.3.64`
ntp	ntp	`4.3.65`
ntp	ntp	`4.3.66`
ntp	ntp	`4.3.67`
ntp	ntp	`4.3.68`
ntp	ntp	`4.3.69`
ntp	ntp	`4.3.70`
ntp	ntp	`4.3.71`
ntp	ntp	`4.3.72`
ntp	ntp	`4.3.73`
ntp	ntp	`4.3.74`
ntp	ntp	`4.3.75`
ntp	ntp	`4.3.76`
ntp	ntp	`4.3.77`
ntp	ntp	`4.3.78`
ntp	ntp	`4.3.79`
ntp	ntp	`4.3.80`
ntp	ntp	`4.3.81`
ntp	ntp	`4.3.82`
ntp	ntp	`4.3.83`
ntp	ntp	`4.3.84`
ntp	ntp	`4.3.85`
ntp	ntp	`4.3.86`
ntp	ntp	`4.3.87`
ntp	ntp	`4.3.88`
ntp	ntp	`4.3.89`
ntp	ntp	`4.3.90`
ntp	ntp	`4.3.91`

References

CWEs

CWE-20

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.