USN-6467-2
- Source
- https://ubuntu.com/security/notices/USN-6467-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6467-2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-6467-2
- Upstream
- Related
- Published
- 2023-11-06T09:36:15.727987Z
- Modified
- 2025-09-08T16:37:59Z
- Summary
- krb5 vulnerability
- Details
-
USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04.
Original advisory details:
Robert Morris discovered that Kerberos did not properly handle memory access when processing RPC data through kadmind, which could lead to the freeing of uninitialized memory. An authenticated remote attacker could possibly use this issue to cause kadmind to crash, resulting in a denial of service.
- References
Affected packages
Ubuntu:20.04:LTS / krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.17-6ubuntu4.4?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.17-6ubuntu4.4
Affected versions
1.*
1.17-6
1.17-6ubuntu3
1.17-6ubuntu4
1.17-6ubuntu4.1
1.17-6ubuntu4.2
1.17-6ubuntu4.3
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-admin-server"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-gss-samples"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-k5tls"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-kdc"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-kdc-ldap"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-kpropd"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-locales"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-multidev"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-otp"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-pkinit"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "krb5-user"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libgssapi-krb5-2"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libgssrpc4"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libk5crypto3"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkadm5clnt-mit11"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkadm5srv-mit11"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkdb5-9"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkrad-dev"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkrad0"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkrb5-3"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkrb5-dev"
},
{
"binary_version": "1.17-6ubuntu4.4",
"binary_name": "libkrb5support0"
}
]
}
Ubuntu:22.04:LTS / krb5
Package
- Name
- krb5
- Purl
- pkg:deb/ubuntu/krb5@1.19.2-2ubuntu0.3?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.19.2-2ubuntu0.3
Affected versions
1.*
1.18.3-6
1.18.3-7
1.19.2-0ubuntu1
1.19.2-1
1.19.2-2
1.19.2-2ubuntu0.1
1.19.2-2ubuntu0.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-admin-server"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-gss-samples"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-k5tls"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-kdc"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-kdc-ldap"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-kpropd"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-locales"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-multidev"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-otp"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-pkinit"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "krb5-user"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libgssapi-krb5-2"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libgssrpc4"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libk5crypto3"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkadm5clnt-mit12"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkadm5srv-mit12"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkdb5-10"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkrad-dev"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkrad0"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkrb5-3"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkrb5-dev"
},
{
"binary_version": "1.19.2-2ubuntu0.3",
"binary_name": "libkrb5support0"
}
]
}