Published: 05 July 2016
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
CVSS 3 base score: 7.5
incorrect fix for CVE-2016-1547 redhat's fix for CVE-2016-1547 doesn't introduce this issue Ubuntu uses redhat's fix