LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

krb5: denial of service

Package(s):krb5 CVE #(s):CVE-2012-1016
Created:March 18, 2013 Updated:March 20, 2013
Description: From the CVE entry:

The pkinit_server_return_padata function in plugins/preauth/pkinit/pkinit_srv.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 attempts to find an agility KDF identifier in inappropriate circumstances, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted Draft 9 request.

Alerts:
Fedora FEDORA-2013-3116 2013-03-16
Red Hat RHSA-2013:0656-01 2013-03-18
Scientific Linux SL-krb5-20130318 2013-03-18
CentOS CESA-2013:0656 2013-03-18
Oracle ELSA-2013-0656 2013-03-18
openSUSE openSUSE-SU-2013:0498-1 2013-03-20
Fedora FEDORA-2013-3147 2013-03-22
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds