Red Hat Bugzilla – Bug 1473560
CVE-2017-11368 krb5: Invalid S4U2Self or S4U2Proxy request causes assertion failure
Last modified: 2018-06-01 17:41:20 EDT
It was found that in MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2018:0666 https://access.redhat.com/errata/RHSA-2018:0666