-ntpd: respond only to client and symmetric active packets
-The busybox NTP implementation doesn't check the NTP mode of packets
-received on the server port and responds to any packet with the right
-size. This includes responses from another NTP server. An attacker can
-send a packet with a spoofed source address in order to create an
-infinite loop of responses between two busybox NTP servers. Adding
-more packets to the loop increases the traffic between the servers
-until one of them has a fully loaded CPU and/or network.
-
-Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-
---- a/networking/ntpd.c
-+++ b/networking/ntpd.c
-@@ -2051,6 +2051,13 @@ recv_and_process_client_pkt(void /*int f
- goto bail;
- }
-
-+ /* Respond only to client and symmetric active packets */
-+ if ((msg.m_status & MODE_MASK) != MODE_CLIENT
-+ && (msg.m_status & MODE_MASK) != MODE_SYM_ACT
-+ ) {
-+ goto bail;
-+ }
-+
- query_status = msg.m_status;
- query_xmttime = msg.m_xmttime;
-