Fedora Account System
Red Hat Associate
Red Hat Customer
It was reported that in all versions of MIT krb5, an authenticated attacker can cause kadmind to read beyond the end of allocated memory by sending a string without a terminating zero byte. Information leakage may be possible for an attacker with permission to modify the database. Upstream patch: https://github.com/krb5/krb5/commit/df17a1224a3406f57477bcd372c61e04c0e5a5bb
Created krb5 tracking bugs for this issue: Affects: fedora-all [bug 1302618]
Upstream bug report: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8341 Fixed upstream in krb5 1.14.1: http://web.mit.edu/kerberos/krb5-1.14/krb5-1.14.1.html The upstream bug report also indicates the issue will be fixed in 1.13.4.
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0493 https://rhn.redhat.com/errata/RHSA-2016-0493.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:0532 https://rhn.redhat.com/errata/RHSA-2016-0532.html