4 matches found
AZL-27874 CVE-2023-36054 affecting package krb5 for versions less than 1.19.4-2
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array...
ipa security and bug fix update
4.4.0-14.0.1.el73.6 - Blank out header-logo.png product-name.png Replace login-screen-logo.png 20362818 4.4.0-14.6 - Resolves: 1416488 replication race condition prevents IPA to install - waitforentry: use only DN as parameter - Wait until HTTPS principal entry is replicated to replica - Use prop...
MIT Kerberos 5 kadmind KADM5_POLICY Denial of Service (CVE-2015-8630)
A denial-of-service vulnerability exists in the MIT Kerberos 5 kadmind service. The vulnerability is due to a NULL pointer dereference when processing a policy value. A remote, authenticated user who has permission to modify a principal entry can exploit this vulnerability by sending maliciously...
krb5: multiple issues
CVE-2014-5352 authenticated remote code execution: In the MIT krb5 libgssapi_krb5 library, after gss_process_context_token is used to process a valid context deletion token, the caller is left with a security context handle containing a dangling pointer. Further uses of this handle will result in...