In addition to bug fixes and enhancements, this release fixes the
following X high- and Y low-severity vulnerabilities:
-*
+* Attack on interface selection
+ Date Resolved: xx October 2016; Dev (4.3.94) XX October 2016
+X References: Sec 3072 / CVE-2016-XXXX / VU#XXXXX
+X Affects: ntp-4.2.8p7, and ntp-4.3.92.
+X CVSS2: HIGH 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
+X CVSS3: HIGH 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
+X Summary:
+X Mitigation:
+ Implement BCP-38.
+ Upgrade to 4.2.8p8, or later, from the NTP Project Download Page
+ or the NTP Public Services Project Download Page
+ If you cannot upgrade from 4.2.8p7, the only other alternatives
+ are to patch your code or filter CRYPTO_NAK packets.
+ Properly monitor your ntpd instances, and auto-restart ntpd
+ (without -g) if it stops running.
+ Credit: This weakness was discovered by Miroslav Lichvar of Red Hat.
Other fixes:
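Review bot: The new NEWS entry still carries unfilled template fields: the "Date Resolved" line reads "xx October 2016" and "XX October 2016", the references line reads "CVE-2016-XXXX / VU#XXXXX", "Summary:" is empty, and several lines keep the leading "X" to-do marker. The Mitigation text also looks carried over from another entry. It recommends upgrading to 4.2.8p8 and filtering CRYPTO_NAK packets, while the entry is titled "Attack on interface selection" and lists ntp-4.2.8p7 and ntp-4.3.92 as affected. Please confirm the fixed version and the workaround for this specific issue, fill in the summary, and drop the "X" markers before release. The header line "X high- and Y low-severity vulnerabilities" needs its counts as well.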
{
struct peer * unlinked;
+ DEBUG_INSIST(p != NULL);
+
+ if (p == NULL)
+ return;
+
/* check for impossible or identical assignment */
- if (p == NULL || p->dstadr == dstadr)
+ if (p->dstadr == dstadr)
return;
/*
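Review bot: The NULL handling at the top of this function behaves differently per build type: DEBUG_INSIST(p != NULL) stops a debug build, while the following "if (p == NULL) return;" makes a production build return silently, so a caller passing a NULL peer leaves no trace in the field. Consider logging the condition before the early return so the caller bug is visible in production logs. The comment "check for impossible or identical assignment" now sits above a test that covers only the identical case, "if (p->dstadr == dstadr)". Either move the "impossible" wording up to the new NULL check or reword the comment to match.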