Back

Critical DoS Vulnerability in Fedora NTP Service Addressed

Severity: High (Score: 70.5)

Sources: Linuxsecurity

Summary

A critical Denial of Service (DoS) vulnerability, CVE-2026-26076, affecting the ntpd-rs service in Fedora 42 and 43 has been identified and patched. This vulnerability allows attackers to exploit malformed NTS packets to request excessive cookies, potentially leading to service disruptions. The vulnerability was published on February 12, 2026, and affects users of Fedora 42 and 43 who utilize the NTP service. The update to version 1.7.1 includes the necessary fixes and is available for installation via the 'dnf' package manager. Users are advised to upgrade their systems to mitigate potential attacks. The vulnerability's exploitation could impact a wide range of systems relying on accurate timekeeping. The patch was released on March 22, 2026, and is critical for maintaining service integrity. Key Points: • CVE-2026-26076 allows DoS via malformed NTS packets in ntpd-rs. • Affected systems include Fedora 42 and 43 with NTP service. • Users should update to version 1.7.1 to mitigate the vulnerability.

Key Entities

  • DDoS (attack_type)
  • CVE-2026-26076 (cve)
  • Fedora (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed