NTP bug gives IOS a wedgie

Over the weekend, Cisco announced it had closed off a denial-of-service bug in a network time protocol (NTP) implementation.

The bug exists in IOS versions 15.5(3)S3, 15.6(1)S2, 15.6(2)S1 and 15.6(2)T1.

Those versions of IOS don't properly clear invalid NTP packets from the interface queue, causing what Switchzilla colourfully calls an “interface wedge” (explained here: it means the queue eventually fills up).

There's a fix, and there are no workarounds. ®