CVE-2021-37750
Published: 23 August 2021
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
Notes
| Author | Note |
|---|---|
| ccdm94 | this vulnerability was introduced by commit 39548a5, as established by upstream. Prior to this commit, an error would occur instead of the null deference. In the patch notes, the CVE is described as affecting releases 1.14 and later only (meaning that xenial and trusty are not affected by this). |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
krb5 Launchpad, Ubuntu, Debian |
bionic |
Released
(1.16-2ubuntu0.4)
|
| focal |
Released
(1.17-6ubuntu4.3)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Ignored
(reached end-of-life)
|
|
| jammy |
Not vulnerable
(1.19.2-2)
|
|
| kinetic |
Not vulnerable
(1.19.2-2)
|
|
| trusty |
Not vulnerable
(code not present)
|
|
| upstream |
Released
(1.19.3, 1.18.3-7)
|
|
| xenial |
Not vulnerable
(code not present)
|
|
|
Patches: upstream: https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49 |
||
| Binaries built from this source package are in Universe and so are supported by the community. | ||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |