Lucene search
GoogleOSV:CVE-2024-37371HistoryJun 28, 2024 - 11:15 p.m.
CVE-2024-37371
2024-06-2823:15:11
Google
osv.dev
6
mit kerberos 5
invalid memory reads
vulnerability
gss message token handling
software security
cve-2024-37371
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
37.7%
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
Related
alpinelinux
alpinelinux
CVE-2024-37371
2024-06-28 23:15:11
cbl_mariner
cbl_mariner
CVE-2024-37371 affecting package krb5 for versions less than 1.21.3-1
2024-08-05 03:22:58
CVE-2024-37371 affecting package krb5 for versions less than 1.21.3-1
2024-08-14 20:43:58
nessus
nessus
CBL Mariner 2.0 Security Update: krb5 (CVE-2024-37371)
2024-08-06 00:00:00
RHEL 9 : krb5 (RHSA-2024:5643)
2024-08-20 00:00:00
RHEL 8 : krb5 (RHSA-2024:4734)
2024-07-23 00:00:00
cvelist
cvelist
CVE-2024-37371
2024-06-28 00:00:00
debiancve
debiancve
CVE-2024-37371
2024-06-28 23:15:11
vulnrichment
vulnrichment
CVE-2024-37371
2024-06-28 00:00:00
redhatcve
redhatcve
CVE-2024-37371
2024-06-28 05:08:51
nvd
nvd
CVE-2024-37371
2024-06-28 23:15:11
veracode
veracode
Denial Of Service (DoS)
2024-07-01 11:46:03
cve
cve
CVE-2024-37371
2024-06-28 23:15:11
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:2305-1)
2024-07-08 00:00:00
Debian: Security Advisory (DSA-5726-1)
2024-07-08 00:00:00
openSUSE: Security Advisory for krb5 (SUSE-SU-2024:2307-1)
2024-07-10 00:00:00
redhat
redhat
(RHSA-2024:5076) Moderate: krb5 security update
2024-08-07 09:57:22
(RHSA-2024:4734) Moderate: krb5 security update
2024-07-23 14:41:35
(RHSA-2024:5884) Moderate: krb5 security update
2024-08-27 07:29:05
almalinux
almalinux
Moderate: krb5 security update
2024-08-13 00:00:00
Moderate: krb5 security update
2024-09-03 00:00:00
amazon
amazon
Medium: krb5
2024-07-18 02:00:00
ubuntucve
ubuntucve
CVE-2024-37371
2024-06-28 00:00:00
osv
osv
krb5 - security update
2024-07-05 00:00:00
Moderate: krb5 security update
2024-09-03 00:00:00
Moderate: krb5 security update
2024-08-13 00:00:00
ibm
ibm
ubuntu
ubuntu
Kerberos vulnerabilities
2024-08-08 00:00:00
oraclelinux
oraclelinux
krb5 security update
2024-08-13 00:00:00
krb5 security update
2024-09-03 00:00:00
mageia
mageia
Updated krb5 packages fix security vulnerabilities
2024-07-03 19:36:28
photon
photon
Critical Photon OS Security Update - PHSA-2024-4.0-0679
2024-09-02 00:00:00
Critical Photon OS Security Update - PHSA-2024-3.0-0791
2024-09-04 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0355
2024-08-26 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: krb5-1.21.3-1.fc40
2024-07-13 02:46:57
[SECURITY] Fedora 39 Update: krb5-1.21.3-1.fc39
2024-07-17 01:19:01
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
37.7%
Related for OSV:CVE-2024-37371