CLSA-2024-1720178212 krb5: Fix of CVE-2023-36054

CVE-2023-36054: fix uninitialized pointer in kadmrpcxdr.c to prevent kadmind crash...

ALPINE-CVE-2023-36054

lib/kadm5/kadmrpcxdr.c in MIT Kerberos 5 aka krb5 before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because xdrkadm5principalentrec does not validate the relationship between nkeydata and the keydata array...

[RHSA-2003:089-00] Updated glibc packages fix vulnerabilities in RPC XDR decoder

--------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated glibc packages fix vulnerabilities in RPC XDR decoder Advisory ID: RHSA-2003:089-00 Issue date: 2003-03-19 Updated on: 2003-03-19 Product: Red Hat Linux Keywords: sun RPC XDR integer...

PT-2001-2673 · Gnu +4 · Libc +14

Name of the Vulnerable Software and Affected Versions: krb5-workstation versions 1.1.1 through 1.2.2 krb5-devel versions 1.1.1 through 1.2.2 krb5-configs version 1.1.1 krb5-server versions 1.1.1 through 1.2.2 krb5-libs version 1.1.1 krb5 version 1.1.1 through 1.2.2 glibc versions 2.1.3 through...