Security News > 2021 > October > CISA: GPS software bug may cause unexpected behavior this Sunday
The Cybersecurity and Infrastructure Security Agency warned that GPS deices might experience issues over the weekend because of a timing bug impacting Network Time Protocol servers running the GPS Daemon software.
"The Network Time Protocol has been critical in ensuring time is accurately kept for various systems businesses and organizations rely on. Authentication mechanisms such as Time-based One-Time Password and Kerberos also rely heavily on time. As such, should there be a severe mismatch in time, users would not be able to authenticate and gain access to systems." - SANS ISC. The bug is set to trigger this Sunday, on October 24th, and the implications are somewhat unpredictable as it could cause systems to become unresponsive or unavailable.
On October 24, 2021, all Network Time Protocol servers using GPSD versions 3.20 through 3.22 are going to jump back 1024 weeks in time, to March 3, 2002.
CURRENT ACTIVIY: On October 24, 2021, Network Time Protocol servers using bugged GPSD versions 3.20-3.22 may rollback the date 1,024 weeks-to March 2002-which may cause systems and services to become unavailable or unresponsive.
GPS satellites count time in weeks and seconds within the active week.
The last time it happened was on April 6, 2019, and it caused flight cancellations, wireless network crashes, and functional problems on older smartphones.