Описание
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 7.5.0+dfsg-1ubuntu0.3 |
| devel | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| esm-infra-legacy/trusty | not-affected | 1.6~git20131207+dfsg-1ubuntu1.2+esm3 |
| esm-infra/bionic | not-affected | 7.5.0+dfsg-1ubuntu0.3 |
| esm-infra/focal | not-affected | 7.7.0+dfsg-1ubuntu1.3 |
| esm-infra/xenial | released | 1.7~git20150920+dfsg-4ubuntu1.16.04.1+esm3 |
| focal | released | 7.7.0+dfsg-1ubuntu1.3 |
| jammy | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.16-2ubuntu0.3 |
| devel | not-affected | 1.20.1-1build1 |
| esm-infra-legacy/trusty | not-affected | 1.12+dfsg-2ubuntu5.4+esm3 |
| esm-infra/bionic | not-affected | 1.16-2ubuntu0.3 |
| esm-infra/focal | not-affected | 1.17-6ubuntu4.2 |
| esm-infra/xenial | released | 1.13.2+dfsg-5ubuntu2.2+esm3 |
| focal | released | 1.17-6ubuntu4.2 |
| jammy | released | 1.19.2-2ubuntu0.1 |
| kinetic | released | 1.20-1ubuntu0.1 |
| lunar | not-affected | 1.20.1-1build1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 2:4.17.3+dfsg-3ubuntu1 |
| esm-infra-legacy/trusty | needed | |
| esm-infra/bionic | needed | |
| esm-infra/focal | not-affected | 2:4.15.13+dfsg-0ubuntu0.20.04.1 |
| esm-infra/xenial | needs-triage | |
| focal | released | 2:4.15.13+dfsg-0ubuntu0.20.04.1 |
| jammy | released | 2:4.15.13+dfsg-0ubuntu1 |
| kinetic | released | 2:4.16.8+dfsg-0ubuntu1 |
| lunar | not-affected | 2:4.17.3+dfsg-3ubuntu1 |
Показывать по
Ссылки на источники
EPSS
8.8 High
CVSS3
Связанные уязвимости
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."
PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x befo ...
EPSS
8.8 High
CVSS3