Описание
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.16-2ubuntu0.4 |
| devel | not-affected | 1.19.2-2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | 1.16-2ubuntu0.4 |
| esm-infra/focal | not-affected | 1.17-6ubuntu4.3 |
| esm-infra/xenial | not-affected | code not present |
| focal | released | 1.17-6ubuntu4.3 |
| hirsute | ignored | end of life |
| impish | not-affected | 1.18.3-6 |
| jammy | not-affected | 1.19.2-2 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) ...
EPSS
5 Medium
CVSS2
7.5 High
CVSS3