
Bug 803434 (CVE-2021-36222)

Summary: <app-crypt/mit-krb5-1.19.2: null pointer dereference (CVE-2021-36222)
Product: Gentoo Security
Reporter: John Helmert III <ajak>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: IN_PROGRESS
Severity: minor
CC: kerberos
Priority: Normal
Flags: nattka: sanity-check+
Version: unspecified
Hardware: All
OS: Linux
URL: https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
Whiteboard: B3 [glsa?]
Package list:
app-crypt/mit-krb5-1.19.2
Runtime testing required: ---

Description John Helmert III gentoo-dev Security 2021-07-22 23:12:00 UTC
CVE-2021-36222:

ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
Comment 1 Sam James archtester gentoo-dev Security 2021-07-28 04:54:32 UTC
@eras, could you bump to 1.19.2? thanks!
Comment 2 Larry the Git Cow gentoo-dev 2021-07-28 15:48:47 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c77d11611eb26edc2cbe27fe6ce33b69d151f0c7

commit c77d11611eb26edc2cbe27fe6ce33b69d151f0c7
Author:     Eray Aslan <eras@gentoo.org>
AuthorDate: 2021-07-28 15:48:13 +0000
Commit:     Eray Aslan <eras@gentoo.org>
CommitDate: 2021-07-28 15:48:13 +0000

    app-crypt/mit-krb5: security bump to 1.19.2
    
    Bug: https://bugs.gentoo.org/803434
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Eray Aslan <eras@gentoo.org>

 app-crypt/mit-krb5/Manifest               |   1 +
 app-crypt/mit-krb5/mit-krb5-1.19.2.ebuild | 161 ++++++++++++++++++++++++++++++
 2 files changed, 162 insertions(+)
Comment 3 Agostino Sarubbo gentoo-dev 2021-07-29 06:40:32 UTC
sparc stable
Comment 4 Sam James archtester gentoo-dev Security 2021-07-30 07:00:03 UTC
Thanks eras!
Comment 5 Agostino Sarubbo gentoo-dev 2021-07-30 15:11:27 UTC
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2021-07-30 15:14:49 UTC
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2021-07-30 15:18:11 UTC
ppc64 stable
Comment 8 Sam James archtester gentoo-dev Security 2021-07-30 22:35:44 UTC
x86 done
Comment 9 Sam James archtester gentoo-dev Security 2021-07-30 22:35:50 UTC
arm done
Comment 10 Rolf Eike Beer archtester 2021-07-31 12:35:22 UTC
hppa done
Comment 11 Sam James archtester gentoo-dev Security 2021-08-01 17:40:59 UTC
arm64 done

all arches done
Comment 12 Sam James archtester gentoo-dev Security 2021-08-01 17:53:04 UTC
Please cleanup, thanks!
Comment 13 Larry the Git Cow gentoo-dev 2021-08-02 10:36:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=98dc35e8c0f276aa167465b5e7636e8a975beaed

commit 98dc35e8c0f276aa167465b5e7636e8a975beaed
Author:     Eray Aslan <eras@gentoo.org>
AuthorDate: 2021-08-02 10:35:50 +0000
Commit:     Eray Aslan <eras@gentoo.org>
CommitDate: 2021-08-02 10:35:50 +0000

    app-crypt/mit-krb5: cleanup
    
    Bug: https://bugs.gentoo.org/803434
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: Eray Aslan <eras@gentoo.org>

 app-crypt/mit-krb5/Manifest                        |   3 -
 app-crypt/mit-krb5/files/CVE-2020-28196.patch      |  71 ---------
 .../files/mit-krb5-1.18.2-autoconf-2.70.patch      |  35 -----
 .../mit-krb5/files/mit-krb5_dont_create_run.patch  |  10 --
 app-crypt/mit-krb5/mit-krb5-1.18.2-r4.ebuild       | 166 ---------------------
 app-crypt/mit-krb5/mit-krb5-1.18.3-r2.ebuild       | 164 --------------------
 app-crypt/mit-krb5/mit-krb5-1.19.1-r1.ebuild       | 161 --------------------
 7 files changed, 610 deletions(-)