HCE2-SA-2023-0211 Moderate HCE 2.0 Security Fix(es): mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. (CVE-2023-26554) praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver. (CVE-2023-26555) mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. (CVE-2023-26552) mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. (CVE-2023-26551) mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd. (CVE-2023-26553) HCE 2.0 ntp-4.2.8p15-5.r5.hce2.aarch64.rpm ntp-help-4.2.8p15-5.r5.hce2.noarch.rpm ntp-perl-4.2.8p15-5.r5.hce2.noarch.rpm ntp-4.2.8p15-5.r5.hce2.x86_64.rpm