A client can crash the KDC in enctype_name() by sendingone of the RFC 4556 enctypes, because of reversed strlcpy() arguments atthe end of enctype_name() References: https://bugzilla.redhat.com/show_bug.cgi?id=1664157
This issue is caused by backporting commits due to the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=1664157
External References: https://github.com/krb5/krb5/pull/981
Note: This flaw was introduced in upstream commit: https://github.com/krb5/krb5/commit/a649279727490687d54becad91fde8cf7429d951 and fixed via https://github.com/krb5/krb5/pull/981/commits/275c9a1aad36a1a7b56042f1a2c21c33e7d16eaf This flaw does not affect any MIT krb5 upstream releases. Fedora versions of MIT krb5 are affected and fixed via the following updates: https://bodhi.fedoraproject.org/updates/FEDORA-2019-f939e79e24 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2323661e5f https://bodhi.fedoraproject.org/updates/FEDORA-2019-320a5a6a68 https://bodhi.fedoraproject.org/updates/FEDORA-2019-dc4e1d0fb6
Statement: This flaw affects the krb5 server only; client-side packages are not affected. This flaw does not affect any krb5 packages shipped with Red Hat products.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-14844