PT-2023-8967 · Mit+8 · Mit Kerberos 5+8

Robert Morris

·

Publicado

2023-07-11

·

Atualizado

2024-06-15

·

CVE-2023-36054

CVSS v2.0

6.8

Média

VetorAV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions MIT Kerberos 5 (aka krb5) versions 1.20.2 and earlier, 1.21.x versions prior to 1.21.1
Description The issue is related to the lib/kadm5/kadm rpc xdr.c file in the Kerberos implementation, where an uninitialized pointer is freed. This can be exploited by a remote authenticated user to trigger a kadmind crash due to the lack of validation between n key data and the key data array count in the xdr kadm5 principal ent rec function.
Recommendations For MIT Kerberos 5 (aka krb5) versions 1.20.2 and earlier, update to version 1.20.2 or later. For MIT Kerberos 5 (aka krb5) 1.21.x versions prior to 1.21.1, update to version 1.21.1 or later. As a temporary workaround, consider restricting access to the vulnerable lib/kadm5/kadm rpc xdr.c module to minimize the risk of exploitation.

Correção

DoS

Access of Uninitialized Pointer

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-824

Identificadores relacionados

ALSA-2023:6699
ALT-PU-2023-4333
ALT-PU-2023-4585
ALT-PU-2023-4586
ALT-PU-2024-2315
ALT-PU-2024-6715
AZL-27874
BDU:2024-02770
CVE-2023-36054
DLA-3626-1
OESA-2023-1526
OESA-2023-1527
OESA-2023-1528
OESA-2023-1555
OESA-2023-1556
OPENSUSE-SU-2023_3325-1
OPENSUSE-SU-2023_3363-1
OPENSUSE-SU-2024:13050-1
RHSA-2023:6699
RHSA-2023_6699
SUSE-SU-2023:3325-1
SUSE-SU-2023:3363-1
SUSE-SU-2023:3365-1
SUSE-SU-2023:3398-1
SUSE-SU-2023:3434-1
SUSE-SU-2023_3325-1
SUSE-SU-2023_3363-1
SUSE-SU-2023_3365-1
SUSE-SU-2023_3398-1
SUSE-SU-2023_3434-1
USN-6467-1
USN-6467-2

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Linuxmint
Mit Kerberos 5
Red Hat
Red Os
Suse
Ubuntu