Mit · Mit-Krb5 · CVE-2010-4022
**Name of the Vulnerable Software and Affected Versions**
mit-krb5 versions prior to 1.9.2
**Description**
The issue affects the mit-krb5 package in Gentoo Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can occur remotely. The `do_standalone` function in the MIT krb5 KDC database propagation daemon (`kpropd`) does not properly handle abnormal exits of worker child processes when running in standalone mode, allowing remote attackers to cause a denial of service. The denial of service can terminate the listening process, which prevents new connections and stops updates from reaching the slave KDC.
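The failure mode above is a listening parent that does not survive a worker's abnormal exit. The following C program is an added illustration of the defensive pattern, not kpropd's code or the upstream fix: it assumes a simple one-worker-at-a-time fork/wait model, and every name in it is hypothetical.

```c
/* Added illustration, not kpropd source. All names are hypothetical. */
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>
typedef void (*worker_fn)(void);
enum worker_result { WORKER_OK, WORKER_FAILED, WORKER_KILLED, SUPERVISOR_ERROR };

/* Fork one worker, reap it, classify its exit; the parent itself never exits. */
enum worker_result run_worker(worker_fn fn)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return SUPERVISOR_ERROR;           /* fork failed; caller may retry */
    if (pid == 0) {                        /* child: handle one connection */
        fn();
        _exit(0);
    }
    while (waitpid(pid, &status, 0) < 0)   /* retry if a signal interrupts */
        if (errno != EINTR)
            return SUPERVISOR_ERROR;
    if (WIFSIGNALED(status))
        return WORKER_KILLED;              /* abnormal exit (killed by signal) */
    if (WIFEXITED(status) && WEXITSTATUS(status) != 0)
        return WORKER_FAILED;              /* worker reported an error */
    return WORKER_OK;
}

/* Constructed stand-ins for connection handlers. */
void worker_clean(void) { }
void worker_error(void) { _exit(3); }
void worker_crash(void) { raise(SIGKILL); }

/* Simulated accept loop: returns how many iterations the listener survived. */
int serve_all(worker_fn *jobs, int n)
{
    int served = 0;
    for (int i = 0; i < n; i++, served++)
        if (run_worker(jobs[i]) != WORKER_OK)
            fprintf(stderr, "worker %d ended abnormally; still listening\n", i);
    return served;
}

int main(void)
{
    worker_fn jobs[] = { worker_clean, worker_crash, worker_error, worker_clean };
    return serve_all(jobs, 4) == 4 ? 0 : 1;
}
```

The parent treats a signalled or failed worker as an event to log rather than a reason to stop, so the loop reaches the fourth job even though the second and third end badly.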
**Recommendations**
For mit-krb5 versions prior to 1.9.2, update to version 1.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `kpropd` daemon to minimize the risk of exploitation.