Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 640808 (CVE-2017-17439) - <app-crypt/heimdal-7.5.0 Remote unauthenticated DoS
Summary: <app-crypt/heimdal-7.5.0 Remote unauthenticated DoS
Status: RESOLVED FIXED
Alias: CVE-2017-17439
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: https://cve.mitre.org/cgi-bin/cvename...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-12-12 09:07 UTC by Eray Aslan
Modified: 2018-04-22 22:46 UTC (History)
1 user (show)

See Also:
Package list:
=app-crypt/heimdal-7.5.0
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Eray Aslan gentoo-dev 2017-12-12 09:07:09 UTC
In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and the der_length_visible_string function in lib/asn1/der_length.c.

See also: https://github.com/heimdal/heimdal/issues/353
Comment 1 Eray Aslan gentoo-dev 2017-12-12 09:13:23 UTC
Arches, please test and mark stable
=app-crypt/heimdal-7.5.0

TARGET KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd"
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2017-12-12 16:36:36 UTC
x86 stable
Comment 3 Sergei Trofimovich (RETIRED) gentoo-dev 2017-12-13 07:42:55 UTC
ppc/ppc64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2017-12-14 20:28:09 UTC
amd64 stable
Comment 5 Markus Meier gentoo-dev 2017-12-21 19:27:58 UTC
arm stable
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2017-12-28 22:03:03 UTC
ia64 stable
Comment 7 Tobias Klausmann (RETIRED) gentoo-dev 2018-01-29 08:34:01 UTC
Stable on alpha.
Comment 8 Matt Turner gentoo-dev 2018-04-22 22:41:00 UTC
hppa stable
Comment 9 Larry the Git Cow gentoo-dev 2018-04-22 22:46:00 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b8d3108007a97d63ba6eebd5f279ad56cf2d314d

commit b8d3108007a97d63ba6eebd5f279ad56cf2d314d
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-04-22 22:45:09 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-04-22 22:45:52 +0000

    app-crypt/heimdal: drop vulnerable
    
    Bug: https://bugs.gentoo.org/640808
    Package-Manager: Portage-2.3.31, Repoman-2.3.9

 app-crypt/heimdal/Manifest             |   1 -
 app-crypt/heimdal/heimdal-7.4.0.ebuild | 173 ---------------------------------
 2 files changed, 174 deletions(-)}
Comment 10 Aaron Bauman (RETIRED) gentoo-dev 2018-04-22 22:46:36 UTC
GLSA Vote: No