{"affected":[{"ecosystem_specific":{"binaries":[{"chrony":"4.1-5.12.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5","name":"chrony","purl":"pkg:rpm/suse/chrony&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.1-5.12.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for chrony fixes the following issues:\n\nSecurity issues fixed:\n  - Race condition during socket creation by chronyc allows privilege escalation from user chrony to root (bsc#1246544).\n    \nOther issues fixed:\n  - Improve connection retry intervals when facing NTS-KE related issues (bsc#1213551).\n    * nts: use shorter NTS-KE retry interval when network is down.\n    * ntp: don't adjust poll interval when waiting for NTS-KE.\n","id":"SUSE-SU-2025:3868-1","modified":"2025-10-30T13:44:59Z","published":"2025-10-30T13:44:59Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20253868-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1194220"},{"type":"REPORT","url":"https://bugzilla.suse.com/1194229"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213551"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246544"}],"related":[],"summary":"Security update for chrony","upstream":[]}