BSA-2017-227
21352
31 March 2017
31 March 2017
Closed
Low
1.6
N/A
CVE-2016-7433
Summary
Security Advisory ID : BSA-2017-227
Component : ntp
Revision : 1.0: Interim
Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation of a small-print variable in The Book, the fix for this problem was incorrect, resulting in a root distance that did not include the peer dispersion. The calculations and formulae have been reviewed and reconciled, and the code has been updated accordingly.
Affected Products
| Product | Current Assessment |
|---|---|
| Brocade 5400 vRouter | Impacted: Fixed in 6.7R12. |
| Brocade 5600 vRouter | Impacted: Fixed in 5.2R1. |
| Brocade Services Director | Impacted: Fixed in 17.1 and later. |
Products Confirmed Not Vulnerable
Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network Advisor, Brocade Network OS, Brocade SDN Controller, Brocade ServerIron ADX, Brocade SLX-OS, Brocade Virtual ADX, BrocadeVirtual Traffic Manager: Software, and Brocade Virtual Web Application Firewall are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
| Version | Change | Date |
|---|---|---|
| 1.0 | Initial Publication | August 25, 2017 |
| 1.0 | Initial Publication | March 31, 2017 |