A proper fix has been accepted upstream, this is just a simple workaround.

http://lists.ntp.isc.org/pipermail/hackers/2005-June/001418.html
http://bugs.gentoo.org/show_bug.cgi?id=99713
https://ntp.isc.org/bugs/show_bug.cgi?id=477

--- ntpd/ntpd.c
+++ ntpd/ntpd.c
@@ -691,6 +691,16 @@
 				"Cannot adjust stack limit for mlockall: %m");
 		    }
 	    }
+	    /*
+	     * The default RLIMIT_MEMLOCK is very low on Linux systems.
+	     * Unless we increase this limit malloc calls are likely to
+	     * fail if we drop root privlege.  To be useful the value
+	     * has to be larger than the largest ntpd resident set size.
+	     */
+	    rl.rlim_cur = rl.rlim_max = 32*1024*1024;
+	    if (setrlimit(RLIMIT_MEMLOCK, &rl) == -1) {
+	    	msyslog(LOG_ERR, "Cannot set RLIMIT_MEMLOCK: %m");
+	    }
 	}
 # endif /* HAVE_SETRLIMIT */
 	/*