ecverify in kdc/kdcpreauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libk5crypto3": "1.16-2ubuntu0.4", "krb5-otp-dbgsym": "1.16-2ubuntu0.4", "krb5-kpropd": "1.16-2ubuntu0.4", "libkadm5srv-mit11": "1.16-2ubuntu0.4", "krb5-pkinit-dbgsym": "1.16-2ubuntu0.4", "krb5-kdc": "1.16-2ubuntu0.4", "libkrb5-dbg": "1.16-2ubuntu0.4", "krb5-admin-server": "1.16-2ubuntu0.4", "krb5-user-dbgsym": "1.16-2ubuntu0.4", "krb5-otp": "1.16-2ubuntu0.4", "krb5-user": "1.16-2ubuntu0.4", "libgssrpc4": "1.16-2ubuntu0.4", "libkrad0": "1.16-2ubuntu0.4", "libkrb5-3": "1.16-2ubuntu0.4", "krb5-gss-samples-dbgsym": "1.16-2ubuntu0.4", "libkrad-dev": "1.16-2ubuntu0.4", "libkadm5clnt-mit11": "1.16-2ubuntu0.4", "krb5-multidev": "1.16-2ubuntu0.4", "krb5-gss-samples": "1.16-2ubuntu0.4", "krb5-kpropd-dbgsym": "1.16-2ubuntu0.4", "krb5-kdc-ldap-dbgsym": "1.16-2ubuntu0.4", "krb5-k5tls-dbgsym": "1.16-2ubuntu0.4", "krb5-locales": "1.16-2ubuntu0.4", "krb5-kdc-dbgsym": "1.16-2ubuntu0.4", "krb5-doc": "1.16-2ubuntu0.4", "libkrb5support0": "1.16-2ubuntu0.4", "krb5-pkinit": "1.16-2ubuntu0.4", "libkrb5-dev": "1.16-2ubuntu0.4", "krb5-admin-server-dbgsym": "1.16-2ubuntu0.4", "libgssapi-krb5-2": "1.16-2ubuntu0.4", "krb5-k5tls": "1.16-2ubuntu0.4", "krb5-kdc-ldap": "1.16-2ubuntu0.4", "libkdb5-9": "1.16-2ubuntu0.4" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libk5crypto3": "1.17-6ubuntu4.3", "krb5-otp-dbgsym": "1.17-6ubuntu4.3", "krb5-kpropd": "1.17-6ubuntu4.3", "libkadm5srv-mit11": "1.17-6ubuntu4.3", "krb5-pkinit-dbgsym": "1.17-6ubuntu4.3", "krb5-kdc": "1.17-6ubuntu4.3", "libkrb5-dbg": "1.17-6ubuntu4.3", "krb5-admin-server": "1.17-6ubuntu4.3", "krb5-user-dbgsym": "1.17-6ubuntu4.3", "krb5-otp": "1.17-6ubuntu4.3", "krb5-user": "1.17-6ubuntu4.3", "libgssrpc4": "1.17-6ubuntu4.3", "libkrad0": "1.17-6ubuntu4.3", "libkrb5-3": "1.17-6ubuntu4.3", "krb5-gss-samples-dbgsym": "1.17-6ubuntu4.3", "libkrad-dev": "1.17-6ubuntu4.3", "libkadm5clnt-mit11": "1.17-6ubuntu4.3", "krb5-multidev": "1.17-6ubuntu4.3", "krb5-gss-samples": "1.17-6ubuntu4.3", "krb5-kpropd-dbgsym": "1.17-6ubuntu4.3", "krb5-kdc-ldap-dbgsym": "1.17-6ubuntu4.3", "krb5-k5tls-dbgsym": "1.17-6ubuntu4.3", "krb5-locales": "1.17-6ubuntu4.3", "krb5-kdc-dbgsym": "1.17-6ubuntu4.3", "krb5-doc": "1.17-6ubuntu4.3", "libkrb5support0": "1.17-6ubuntu4.3", "krb5-pkinit": "1.17-6ubuntu4.3", "libkrb5-dev": "1.17-6ubuntu4.3", "krb5-admin-server-dbgsym": "1.17-6ubuntu4.3", "libgssapi-krb5-2": "1.17-6ubuntu4.3", "krb5-k5tls": "1.17-6ubuntu4.3", "krb5-kdc-ldap": "1.17-6ubuntu4.3", "libkdb5-9": "1.17-6ubuntu4.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libk5crypto3": "1.19.2-2", "libkadm5srv-mit12": "1.19.2-2", "krb5-otp-dbgsym": "1.19.2-2", "krb5-kpropd": "1.19.2-2", "krb5-pkinit-dbgsym": "1.19.2-2", "krb5-kdc": "1.19.2-2", "libkrb5-dbg": "1.19.2-2", "krb5-admin-server": "1.19.2-2", "krb5-user-dbgsym": "1.19.2-2", "krb5-otp": "1.19.2-2", "krb5-user": "1.19.2-2", "libgssrpc4": "1.19.2-2", "libkdb5-10": "1.19.2-2", "libkrad0": "1.19.2-2", "libkrb5-3": "1.19.2-2", "krb5-gss-samples-dbgsym": "1.19.2-2", "libkrad-dev": "1.19.2-2", "krb5-multidev": "1.19.2-2", "krb5-gss-samples": "1.19.2-2", "krb5-kpropd-dbgsym": "1.19.2-2", "krb5-kdc-ldap-dbgsym": "1.19.2-2", "krb5-k5tls-dbgsym": "1.19.2-2", "krb5-locales": "1.19.2-2", "krb5-kdc-dbgsym": "1.19.2-2", "krb5-doc": "1.19.2-2", "libkadm5clnt-mit12": "1.19.2-2", "krb5-pkinit": "1.19.2-2", "libkrb5-dev": "1.19.2-2", "libkrb5support0": "1.19.2-2", "krb5-admin-server-dbgsym": "1.19.2-2", "libgssapi-krb5-2": "1.19.2-2", "krb5-k5tls": "1.19.2-2", "krb5-kdc-ldap": "1.19.2-2" } ] }