Vulnerability CVE-2023-39975: Information

Description

kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Published: Aug. 16, 2023
Modified: Feb. 1, 2024
Error type identifier: CWE-415

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
krb5sisyphus1.21.2-alt11.21.2-alt2ALT-PU-2023-4976-1327265Fixed
krb5sisyphus_e2k1.21.2-alt11.21.2-alt2ALT-PU-2023-5011-1-Fixed
krb5sisyphus_mipsel1.21.2-alt11.21.2-alt1ALT-PU-2023-5005-1-Fixed
krb5sisyphus_riscv641.21.2-alt11.21.2-alt1ALT-PU-2023-5007-1-Fixed

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
      Start including
      1.21
      End excliding
      1.21.2