MIT Kerberos Team reported following issue affecting RPC library server code used by kadmin server: A bug in the RPC library server code, used in the kadmin server, causes an array overrun if too many file descriptors are opened. Memory corruption can result. Acknowledgements: Red Hat would like to thank MIT and Jeff Altman of Secure Endpoints for reporting this issue.
Public now: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt Lifting embargo.
This issue only affected krb5 package in Red Hat Enterprise Linux 5 and Fedora. However, default configuration did not affect default configuration. This issue only affected systems configured to use higher resource limit than default 1024 for 'open files'.
krb5-1.6.1-9.fc7 has been submitted as an update for Fedora 7
krb5-1.6.2-14.fc8 has been submitted as an update for Fedora 8
krb5-1.6.1-9.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
krb5-1.6.2-14.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: Red Hat Enterprise Linux: http://rhn.redhat.com/errata/RHSA-2008-0164.html Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-2637 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-2647