Bugs fixes in "krb5"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2024-37371 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wi | 2024-08-08 |
| CVE | CVE-2024-37370 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the | 2024-08-08 |
| CVE | CVE-2024-37371 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wi | 2024-08-08 |
| CVE | CVE-2024-37370 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the | 2024-08-08 |
| CVE | CVE-2024-37371 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wi | 2024-08-08 |
| CVE | CVE-2024-37370 | In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the | 2024-08-08 |
| Launchpad | 2060666 | [SRU] Memory leak in krb5 version 1.17 | 2024-07-04 |
| Launchpad | 2060666 | [SRU] Memory leak in krb5 version 1.17 | 2024-07-04 |
| CVE | CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated u | 2023-11-06 |
| CVE | CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated u | 2023-11-06 |
| CVE | CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated u | 2023-11-06 |
| CVE | CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated u | 2023-11-06 |
| CVE | CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated u | 2023-11-06 |
| CVE | CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated u | 2023-11-06 |
| Launchpad | 1981697 | KDC: weak crypto in default settings | 2023-05-10 |
| Launchpad | 1981697 | KDC: weak crypto in default settings | 2023-05-10 |
| Launchpad | 1981697 | KDC: weak crypto in default settings | 2023-04-15 |
| Launchpad | 1981697 | KDC: weak crypto in default settings | 2023-04-15 |
| CVE | CVE-2021-37750 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_re | 2023-03-17 |
| CVE | CVE-2021-36222 | ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows rem | 2023-03-17 |
About
-
Send Feedback to @ubuntu_updates
