Upgrade Oracle:8 bpftool to version 0:4.18.0-80.7.2.el8_0 or higher. This issue was patched in ELSA-2019-2411 .

ntp vulnerabilities

Known vulnerabilities in the ntp package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L Improper Input Validation	*
L Improper Input Validation	*
L Resource Exhaustion	*
M Information Exposure	<1:4.2.8p3+dfsg-1
M Directory Traversal	<1:4.2.8p4+dfsg-1
L Out-of-bounds Write	*
M Improper Input Validation	<1:4.2.8p10+dfsg-1
L Out-of-bounds Write	*
L CVE-2018-7185	*
L CVE-2018-7170	*
L CVE-2018-7184	*
H Out-of-bounds Read	*
M Improper Input Validation	<1:4.2.8p3+dfsg-1
H Insufficient Entropy	<1:4.2.6.p5+dfsg-7
H Buffer Overflow	<1:4.2.8p4+dfsg-1
M Improper Input Validation	<1:4.2.8p4+dfsg-1
C Improper Authentication	<1:4.2.8p4+dfsg-1
M Improper Input Validation	<1:4.2.8p4+dfsg-1
H Use After Free	<1:4.2.8p4+dfsg-1
H Missing Release of Resource after Effective Lifetime	<1:4.2.8p4+dfsg-1
C Buffer Overflow	<1:4.2.8p4+dfsg-1
H Improper Input Validation	<1:4.2.8p4+dfsg-1
M Improper Input Validation	<1:4.2.8p4+dfsg-1
H Improper Input Validation	<1:4.2.8p4+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:4.2.8p4+dfsg-1
C Improper Input Validation	<1:4.2.8p4+dfsg-3
H Improper Input Validation	<1:4.2.8p4+dfsg-3
H Improper Input Validation	<1:4.2.8p4+dfsg-1
L Incorrect Type Conversion or Cast	<1:4.2.8p3+dfsg-1
L Improper Input Validation	<1:4.2.8p3+dfsg-1
L Improper Input Validation	<1:4.2.8p3+dfsg-1
H Time and State	<1:4.2.8p4+dfsg-2
L Access Restriction Bypass	<1:4.2.8p9+dfsg-2
M Improper Input Validation	<1:4.2.8p10+dfsg-1
L Out-of-Bounds	<1:4.2.8p10+dfsg-1
L Improper Input Validation	<1:4.2.8p10+dfsg-1
H Out-of-Bounds	<1:4.2.8p10+dfsg-1
L Out-of-Bounds	<1:4.2.8p10+dfsg-1
M Out-of-Bounds	<1:4.2.8p7+dfsg-1
L Security Features	<1:4.2.8p7+dfsg-1
L Security Features	<1:4.2.8p7+dfsg-1
H Improper Data Handling	<1:4.2.8p7+dfsg-1
M CVE-2015-8158	<1:4.2.8p7+dfsg-1
M Improper Input Validation	<1:4.2.8p7+dfsg-1
H Resource Exhaustion	<1:4.2.8p7+dfsg-1
M Improper Access Control	<1:4.2.8p7+dfsg-1
L Improper Input Validation	<1:4.2.8p7+dfsg-1
M Improper Input Validation	<1:4.2.8p7+dfsg-1
M Out-of-bounds Read	<1:4.2.8p7+dfsg-1
M NULL Pointer Dereference	<1:4.2.8p7+dfsg-1
M Out-of-Bounds	<1:4.2.8p7+dfsg-1
M Improper Access Control	<1:4.2.8p7+dfsg-1
H Resource Exhaustion	<1:4.2.8p9+dfsg-1
M Resource Exhaustion	<1:4.2.8p9+dfsg-1
M Resource Exhaustion	<1:4.2.8p9+dfsg-1
M Resource Exhaustion	<1:4.2.8p9+dfsg-1
H Improper Input Validation	<1:4.2.8p9+dfsg-1
M Incorrect Calculation	<1:4.2.8p9+dfsg-1
M NULL Pointer Dereference	<1:4.2.8p9+dfsg-1
M Improper Input Validation	<1:4.2.8p9+dfsg-1
L Source Code	<1:4.2.8p9+dfsg-1
M Information Exposure	<1:4.2.8p7+dfsg-1
H Improper Data Handling	<1:4.2.8p7+dfsg-1
M Improper Data Handling	<1:4.2.8p7+dfsg-1
H Integer Overflow or Wraparound	<1:4.2.8p4+dfsg-1
M Improper Input Validation	<1:4.2.8p7+dfsg-1
H Improper Authentication	<1:4.2.8p8+dfsg-1
H Race Condition	<1:4.2.8p8+dfsg-1
M Race Condition	<1:4.2.8p8+dfsg-1
M CVE-2016-4956	<1:4.2.8p8+dfsg-1
H NULL Pointer Dereference	<1:4.2.8p8+dfsg-1
L Improper Authentication	<1:4.2.8p7+dfsg-1
M Improper Input Validation	<1:4.2.6.p5+dfsg-4
M Improper Input Validation	<1:4.2.6.p5+dfsg-5
L Code	<1:4.2.6.p5+dfsg-6
M Code	<1:4.2.6.p5+dfsg-6
H CVE-2014-9294	<1:4.2.6.p5+dfsg-3.2
H Out-of-Bounds	<1:4.2.6.p5+dfsg-3.2
H CVE-2014-9293	<1:4.2.6.p5+dfsg-3.2
M Code	<1:4.2.6.p5+dfsg-3.2
L Improper Input Validation	<1:4.2.8p3+dfsg-1
M CVE-2009-3563	<1:4.2.4p8+dfsg-1
H Out-of-Bounds	<1:4.2.4p6+dfsg-2
L Out-of-Bounds	<1:4.2.4p6+dfsg-2
M Improper Authentication	<1:4.2.4p4+dfsg-8
M CVE-2005-2496	<1:4.2.0a+stable-2sarge1
M Integer Overflow or Wraparound	<4.0

Vulnerability

Vulnerable Version

Improper Input Validation