{"id":"CVE-2021-22212","details":"ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the '#'. This results in the administrator not being able to use the keys as expected or the keys are shorter than expected and easier to brute-force, possibly resulting in MITM attacks between ntp clients and ntp servers. For short AES128 keys, ntpd generates a warning that it is padding them.","modified":"2026-04-11T12:35:38.438302Z","published":"2021-06-08T13:15:07.567Z","related":["openSUSE-SU-2024:11103-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"34"}],"cpe":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GIT2HYL5BQXPGKI6ZDNG473IEQ5WQF2/"},{"type":"ADVISORY","url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22212.json"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955859"},{"type":"FIX","url":"https://gitlab.com/NTPsec/ntpsec/-/issues/699"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ntpsec/ntpsec","events":[{"introduced":"0"},{"last_affected":"1feb8f90dd30ae573bf79205af53879a6e1e60c4"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"1.2.0"}],"cpe":"cpe:2.3:a:ntpsec:ntpsec:1.2.0:*:*:*:*:*:*:*"}}],"versions":["HMS_PRE_AC_214A_AUDIO","NTP_4_0_94","NTP_4_0_94b","NTP_4_0_95","NTP_4_0_96","NTP_4_0_96_P1","NTP_4_0_97","NTP_4_0_97_A","NTP_4_0_97_B","NTP_4_0_97_C","NTP_4_0_97_D","NTP_4_0_97_E","NTP_4_0_97_F","NTP_4_0_98","NTP_4_0_98_A","NTP_4_0_98_D","NTP_4_0_98_E","NTP_4_0_98_F","NTP_4_0_98_G","NTP_4_0_98_H","NTP_4_0_98_I","NTP_4_0_98_J","NTP_4_0_98_M","NTP_4_0_99","NTP_4_0_99M_RC3","NTP_4_0_99_A","NTP_4_0_99_B","NTP_4_0_99_C","NTP_4_0_99_E","NTP_4_0_99_F","NTP_4_0_99_G","NTP_4_0_99_J","NTP_4_0_99_K","NTP_4_0_99_M","NTP_4_1_0","NTP_4_2_3P2","NTP_4_2_3P61_RC","NTP_4_2_3P62_RC","NTP_4_2_3P63_RC","NTP_4_2_3P64_RC","NTP_4_2_3P65_RC","NTP_4_2_3P66_RC","NTP_4_2_3P67_RC","NTP_4_2_3P68_RC","NTP_4_2_3P69_RC","NTP_4_2_3P70_RC","NTP_4_2_5","NTP_4_2_5P0","NTP_4_2_5P100","NTP_4_2_5P101","NTP_4_2_5P103","NTP_4_2_5P104","NTP_4_2_5P105","NTP_4_2_5P106","NTP_4_2_5P107","NTP_4_2_5P108","NTP_4_2_5P109","NTP_4_2_5P110","NTP_4_2_5P111","NTP_4_2_5P112","NTP_4_2_5P113","NTP_4_2_5P114","NTP_4_2_5P115","NTP_4_2_5P116","NTP_4_2_5P118","NTP_4_2_5P142","NTP_4_2_5P143","NTP_4_2_5P144","NTP_4_2_5P145","NTP_4_2_5P150","NTP_4_2_5P166","NTP_4_2_5P168","NTP_4_2_5P169","NTP_4_2_5P170","NTP_4_2_5P171","NTP_4_2_5P172","NTP_4_2_5P175","NTP_4_2_5P176","NTP_4_2_5P177","NTP_4_2_5P178","NTP_4_2_5P179","NTP_4_2_5P180","NTP_4_2_5P181","NTP_4_2_5P182","NTP_4_2_5P183","NTP_4_2_5P184","NTP_4_2_5P185","NTP_4_2_5P187","NTP_4_2_5P188","NTP_4_2_5P189","NTP_4_2_5P190","NTP_4_2_5P191","NTP_4_2_5P192","NTP_4_2_5P193","NTP_4_2_5P194","NTP_4_2_5P195","NTP_4_2_5P196","NTP_4_2_5P197","NTP_4_2_5P198","NTP_4_2_5P199","NTP_4_2_5P201","NTP_4_2_5P202","NTP_4_2_5P203","NTP_4_2_5P204","NTP_4_2_5P205","NTP_4_2_5P209","NTP_4_2_5P210","NTP_4_2_5P212","NTP_4_2_5P213","NTP_4_2_5P214","NTP_4_2_5P215","NTP_4_2_5P216","NTP_4_2_5P217","NTP_4_2_5P218","NTP_4_2_5P219","NTP_4_2_5P220","NTP_4_2_5P222","NTP_4_2_5P223","NTP_4_2_5P224","NTP_4_2_5P225","NTP_4_2_5P226","NTP_4_2_5P227","NTP_4_2_5P228","NTP_4_2_5P229","NTP_4_2_5P230_RC","NTP_4_2_5P231_RC","NTP_4_2_5P232_RC","NTP_4_2_5P248_RC","NTP_4_2_5P249_RC","NTP_4_2_5P250_RC","NTP_4_2_5P30","NTP_4_2_5P31","NTP_4_2_5P32","NTP_4_2_5P33","NTP_4_2_5P34","NTP_4_2_5P35","NTP_4_2_5P38","NTP_4_2_5P39","NTP_4_2_5P40","NTP_4_2_5P41","NTP_4_2_5P42","NTP_4_2_5P43","NTP_4_2_5P44","NTP_4_2_5P51","NTP_4_2_5P52","NTP_4_2_5P53","NTP_4_2_5P56","NTP_4_2_5P57","NTP_4_2_5P58","NTP_4_2_5P59","NTP_4_2_5P60","NTP_4_2_5P61","NTP_4_2_5P62","NTP_4_2_5P63","NTP_4_2_5P64","NTP_4_2_5P65","NTP_4_2_5P66","NTP_4_2_5P69","NTP_4_2_5P70","NTP_4_2_5P71","NTP_4_2_5P72","NTP_4_2_5P73","NTP_4_2_5P75","NTP_4_2_5P76","NTP_4_2_5P77","NTP_4_2_5P78","NTP_4_2_5P79","NTP_4_2_5P80","NTP_4_2_5P81","NTP_4_2_5P82","NTP_4_2_5P83","NTP_4_2_5P84","NTP_4_2_5P85","NTP_4_2_5P86","NTP_4_2_5P87","NTP_4_2_5P88","NTP_4_2_5P89","NTP_4_2_5P90","NTP_4_2_5P91","NTP_4_2_5P92","NTP_4_2_5P93","NTP_4_2_5P95","NTP_4_2_5P97","NTP_4_2_5P98","NTP_4_2_7P100","NTP_4_2_7P101","NTP_4_2_7P102","NTP_4_2_7P103","NTP_4_2_7P104","NTP_4_2_7P105","NTP_4_2_7P106","NTP_4_2_7P107","NTP_4_2_7P108","NTP_4_2_7P109","NTP_4_2_7P110","NTP_4_2_7P111","NTP_4_2_7P131","NTP_4_2_7P132","NTP_4_2_7P14","NTP_4_2_7P15","NTP_4_2_7P16","NTP_4_2_7P160","NTP_4_2_7P161","NTP_4_2_7P162","NTP_4_2_7P163","NTP_4_2_7P164","NTP_4_2_7P165","NTP_4_2_7P166","NTP_4_2_7P167","NTP_4_2_7P168","NTP_4_2_7P17","NTP_4_2_7P174","NTP_4_2_7P176","NTP_4_2_7P177","NTP_4_2_7P178","NTP_4_2_7P179","NTP_4_2_7P18","NTP_4_2_7P182","NTP_4_2_7P183","NTP_4_2_7P184","NTP_4_2_7P185","NTP_4_2_7P186","NTP_4_2_7P187","NTP_4_2_7P188","NTP_4_2_7P189","NTP_4_2_7P19","NTP_4_2_7P190","NTP_4_2_7P191","NTP_4_2_7P192","NTP_4_2_7P195","NTP_4_2_7P196","NTP_4_2_7P197","NTP_4_2_7P198","NTP_4_2_7P199","NTP_4_2_7P20","NTP_4_2_7P200","NTP_4_2_7P201","NTP_4_2_7P202","NTP_4_2_7P204","NTP_4_2_7P205","NTP_4_2_7P206","NTP_4_2_7P207","NTP_4_2_7P208","NTP_4_2_7P209","NTP_4_2_7P210","NTP_4_2_7P211","NTP_4_2_7P212","NTP_4_2_7P228","NTP_4_2_7P229","NTP_4_2_7P230","NTP_4_2_7P231","NTP_4_2_7P232","NTP_4_2_7P233","NTP_4_2_7P234","NTP_4_2_7P235","NTP_4_2_7P236","NTP_4_2_7P237","NTP_4_2_7P238","NTP_4_2_7P239","NTP_4_2_7P24","NTP_4_2_7P240","NTP_4_2_7P241","NTP_4_2_7P242","NTP_4_2_7P243","NTP_4_2_7P244","NTP_4_2_7P245","NTP_4_2_7P246","NTP_4_2_7P247","NTP_4_2_7P248","NTP_4_2_7P249","NTP_4_2_7P25","NTP_4_2_7P250","NTP_4_2_7P251","NTP_4_2_7P252","NTP_4_2_7P253","NTP_4_2_7P254","NTP_4_2_7P255","NTP_4_2_7P26","NTP_4_2_7P269","NTP_4_2_7P27","NTP_4_2_7P270","NTP_4_2_7P296","NTP_4_2_7P297","NTP_4_2_7P298","NTP_4_2_7P299","NTP_4_2_7P30","NTP_4_2_7P300","NTP_4_2_7P301","NTP_4_2_7P302","NTP_4_2_7P303","NTP_4_2_7P304","NTP_4_2_7P305","NTP_4_2_7P306","NTP_4_2_7P31","NTP_4_2_7P32","NTP_4_2_7P329","NTP_4_2_7P33","NTP_4_2_7P330","NTP_4_2_7P331","NTP_4_2_7P332","NTP_4_2_7P333","NTP_4_2_7P334","NTP_4_2_7P335","NTP_4_2_7P336","NTP_4_2_7P337","NTP_4_2_7P339","NTP_4_2_7P34","NTP_4_2_7P344","NTP_4_2_7P345","NTP_4_2_7P346","NTP_4_2_7P347","NTP_4_2_7P348","NTP_4_2_7P349","NTP_4_2_7P35","NTP_4_2_7P350","NTP_4_2_7P351","NTP_4_2_7P352","NTP_4_2_7P353","NTP_4_2_7P354","NTP_4_2_7P355","NTP_4_2_7P356","NTP_4_2_7P357","NTP_4_2_7P358","NTP_4_2_7P359","NTP_4_2_7P360","NTP_4_2_7P361","NTP_4_2_7P362","NTP_4_2_7P363","NTP_4_2_7P364","NTP_4_2_7P365","NTP_4_2_7P366","NTP_4_2_7P367","NTP_4_2_7P368","NTP_4_2_7P375","NTP_4_2_7P376","NTP_4_2_7P377","NTP_4_2_7P378","NTP_4_2_7P379","NTP_4_2_7P381","NTP_4_2_7P382","NTP_4_2_7P383","NTP_4_2_7P387","NTP_4_2_7P388","NTP_4_2_7P389","NTP_4_2_7P390","NTP_4_2_7P391","NTP_4_2_7P394","NTP_4_2_7P395","NTP_4_2_7P396","NTP_4_2_7P397","NTP_4_2_7P398","NTP_4_2_7P399","NTP_4_2_7P402","NTP_4_2_7P403","NTP_4_2_7P404","NTP_4_2_7P405","NTP_4_2_7P406","NTP_4_2_7P408","NTP_4_2_7P410","NTP_4_2_7P411","NTP_4_2_7P412","NTP_4_2_7P413","NTP_4_2_7P414","NTP_4_2_7P415","NTP_4_2_7P417","NTP_4_2_7P418","NTP_4_2_7P419","NTP_4_2_7P420","NTP_4_2_7P421","NTP_4_2_7P443","NTP_4_2_7P444","NTP_4_2_7P445","NTP_4_2_7P446","NTP_4_2_7P447","NTP_4_2_7P448","NTP_4_2_7P449","NTP_4_2_7P450","NTP_4_2_7P451","NTP_4_2_7P452","NTP_4_2_7P453","NTP_4_2_7P457","NTP_4_2_7P462","NTP_4_2_7P463","NTP_4_2_7P464","NTP_4_2_7P465","NTP_4_2_7P466","NTP_4_2_7P467","NTP_4_2_7P468","NTP_4_2_7P469","NTP_4_2_7P470","NTP_4_2_7P471","NTP_4_2_7P472","NTP_4_2_7P473","NTP_4_2_7P474","NTP_4_2_7P475","NTP_4_2_7P476","NTP_4_2_7P477","NTP_4_2_7P478","NTP_4_2_7P479","NTP_4_2_7P480","NTP_4_2_7P481","NTP_4_2_7P482","NTP_4_2_7P483","NTP_4_2_7P484_RC","NTP_4_2_7P75","NTP_4_2_7P76","NTP_4_2_7P77","NTP_4_2_7P78","NTP_4_2_7P79","NTP_4_2_7P80","NTP_4_2_7P81","NTP_4_2_7P84","NTP_4_2_7P85","NTP_4_2_7P86","NTP_4_2_7P89","NTP_4_2_7P90","NTP_4_2_7P91","NTP_4_2_7P92","NTP_4_2_7P93","NTP_4_2_7P94","NTP_4_2_7P95","NTP_4_2_7P96","NTP_4_2_7P97","NTP_4_2_7P98","NTP_4_2_7P99","NTP_4_3_0","NTP_4_3_1","NTP_4_3_10","NTP_4_3_11","NTP_4_3_12","NTP_4_3_13","NTP_4_3_14","NTP_4_3_2","NTP_4_3_24","NTP_4_3_25","NTP_4_3_26","NTP_4_3_27","NTP_4_3_28","NTP_4_3_29","NTP_4_3_3","NTP_4_3_30","NTP_4_3_31","NTP_4_3_32","NTP_4_3_33","NTP_4_3_34","NTP_4_3_4","NTP_4_3_5","NTP_4_3_6","NTP_4_3_7","NTP_4_3_8","NTP_4_3_9","NTP_4_98_c","NTPsec_0_9_7","NTPsec_0_9_8","NTPsec_1_0_0","NTPsec_1_1_0","NTPsec_1_1_1","NTPsec_1_1_2","NTPsec_1_1_3","NTPsec_1_1_4","NTPsec_1_1_5","NTPsec_1_1_6","NTPsec_1_1_7","NTPsec_1_1_8","NTPsec_1_1_9","NTPsec_1_2_0","POST_ATT_Y2K","POST_NT_991015","PRE_ATT_Y2K","PRE_CRYPTO","PRE_NT_991015","git-conversion"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-22212.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}