Summary: | <app-crypt/mit-krb5-1.21.3 vulnerabilities in GSS message token handling | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Eray Aslan <eras> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | minor | CC: | kerberos |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://web.mit.edu/kerberos/www/krb5-1.21/ | ||
Whiteboard: | B3 [stable] | ||
Package list: | | Runtime testing required: | --- |
Bug Depends on: | 934995 | ||
Bug Blocks: |
Description
Eray Aslan
2024-06-27 07:19:55 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0b0b1dcf64f222410abcf1cb8cc953ffe497a205

commit 0b0b1dcf64f222410abcf1cb8cc953ffe497a205
Author: Eray Aslan <eras@gentoo.org>
AuthorDate: 2024-06-27 07:27:20 +0000
Commit: Eray Aslan <eras@gentoo.org>
CommitDate: 2024-06-27 07:29:23 +0000

app-crypt/mit-krb5: add 1.21.3 security bump

also
- install ldif files when openldap USE flag is in use
- make +threads USE flag mandatory

Bug: https://bugs.gentoo.org/934994
Closes: https://bugs.gentoo.org/890038
Closes: https://bugs.gentoo.org/868462
Signed-off-by: Eray Aslan <eras@gentoo.org>

app-crypt/mit-krb5/Manifest | 1 +
app-crypt/mit-krb5/mit-krb5-1.21.3.ebuild | 154 ++++++++++++++++++++++++++++++
2 files changed, 155 insertions(+)

CVE-2024-37370: In MIT krb5 release 1.3 and later, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.

CVE-2024-37371: In MIT krb5 release 1.3 and later, an attacker can cause invalid memory reads by sending message tokens with invalid length fields.

These sound like Denial of Service issues to me, but I'm not familiar enough with Kerberos to be sure and the description here is a bit sparse.