ntpd is not vulnerable · Issue #1 · spwpun/ntp-4.2.8p15-cves
The first four of these CVEs affect a function in libntp that is only used by ntpq, but not by ntpd. The last CVE affects the driver for a hardware clock (GPS receiver), so ntpd might be vulnerable...