Описание
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.21.3-4ubuntu2 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | released | 1.17-6ubuntu4.9 |
| esm-infra/xenial | needs-triage | |
| focal | released | 1.17-6ubuntu4.9 |
| jammy | released | 1.19.2-2ubuntu0.6 |
| noble | released | 1.20.1-6ubuntu2.5 |
| oracular | released | 1.21.3-3ubuntu0.2 |
| plucky | released | 1.21.3-4ubuntu2 |
Показывать по
EPSS
7.1 High
CVSS3
Связанные уязвимости
A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service.
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of-bounds write and kadmind daemon crash.
In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation ...
EPSS
7.1 High
CVSS3