#VU8900 Double free error in Kerberos


Published: 2017-10-19 | Updated: 2018-03-20

Vulnerability identifier: #VU8900

Vulnerability risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-11462

CWE-ID: CWE-415

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Kerberos
Server applications / Encryption software

Vendor: MIT

Description
The vulnerability allows a remote attacker to cause a DoS condition or execute arbitrary code on the target system.

The weakness exists due to a double free during the automatic deletion of security contexts on error by the GSS-API. A remote attacker can delete an existing security context on a second or subsequent call to gss_init_sec_context() or gss_accept_sec_context(), trigger memory corruption and cause denial of service or execute arbitrary code.
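
The failure mode described above, modelled as an added example (not code from this advisory or from MIT krb5): a toy context API counts releases instead of calling free(), so a double release is observable without corrupting memory. `ctx_t`, `accept_step` and the caller that keeps its own copy of the handle are hypothetical stand-ins.

```c
#include <stddef.h>

/* Toy model, not krb5 source: ctx_t stands in for a GSS-API security context. */
typedef struct { int releases; } ctx_t;

static ctx_t pool;                       /* single constructed context */

/* Stand-in for free(): counts releases so a double free can be seen safely. */
static void ctx_release(ctx_t *c) { if (c) c->releases++; }

/* Stand-in for one gss_accept_sec_context()-style step (hypothetical signature).
 * The first call creates the context; token_ok == 0 simulates an error.
 * delete_on_error != 0: the library deletes the context itself on error. */
static int accept_step(ctx_t **handle, int token_ok, int delete_on_error) {
    if (*handle == NULL) { pool.releases = 0; *handle = &pool; }
    if (token_ok) return 0;
    if (delete_on_error) { ctx_release(*handle); *handle = NULL; }
    return -1;
}

/* Runs a two-step exchange whose second step fails and returns how many times
 * the context was released (1 is correct, 2 is a double free). */
int releases_after_failed_exchange(int delete_on_error, int caller_keeps_copy) {
    ctx_t *handle = NULL, *copy = NULL;

    accept_step(&handle, 1, delete_on_error);   /* first token accepted */
    if (caller_keeps_copy) copy = handle;       /* e.g. stored in a session struct */

    if (accept_step(&handle, 0, delete_on_error) != 0) {
        if (caller_keeps_copy)
            ctx_release(copy);                  /* stale pointer: second release */
        else if (handle != NULL)
            ctx_release(handle);                /* only if the library left it */
    }
    return pool.releases;
}

int main(void) { return releases_after_failed_exchange(1, 1) == 2 ? 0 : 1; }
```

A caller that frees only through the handle variable the library updates releases the context exactly once in both modes; the stale copy is what turns library-side deletion into a second free.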

Mitigation
Update to version 1.14.6 or 1.15.2.

Vulnerable software versions

Kerberos: 5-1.13.4 - 5-1.15.1


External links
http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

