A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created

chrony before 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote at

Chrony before 1.29.1 has traffic amplification in cmdmon protocol

chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which mig

chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which all

Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash)

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors r

Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service (crash) via a

chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unauthorized cmdmon packet, which all

The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of cli

The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, allows remote attackers to cause