Bug 2274401 (CVE-2024-3657) - CVE-2024-3657 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request [NEEDINFO]
Summary: CVE-2024-3657 389-ds-base: potential denial of service via specially crafted ...
Keywords:
Status: NEW
Alias: CVE-2024-3657
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2290549 2275857 2275858 2275859 2275860 2276882 2283631 2290379 2290401
Blocks: 2274406
Reported: 2024-04-10 20:31 UTC by Robb Gatica
Modified: 2024-10-01 15:51 UTC (History)

Fixed In Version: 389-ds-base-2.5.1
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:
tbordaz: needinfo? (rgatica)


Links
System                  ID              Private  Priority  Status  Summary  Last Updated
Red Hat Issue Tracker   IDMDS-4310      0        None      None    None     2024-04-25 10:18:52 UTC
Red Hat Product Errata  RHSA-2024:3591  0        None      None    None     2024-06-04 14:20:42 UTC
Red Hat Product Errata  RHSA-2024:3837  0        None      None    None     2024-06-11 19:42:11 UTC
Red Hat Product Errata  RHSA-2024:4092  0        None      None    None     2024-06-25 11:11:24 UTC
Red Hat Product Errata  RHSA-2024:4209  0        None      None    None     2024-07-02 07:59:17 UTC
Red Hat Product Errata  RHSA-2024:4210  0        None      None    None     2024-07-02 08:16:26 UTC
Red Hat Product Errata  RHSA-2024:4235  0        None      None    None     2024-07-02 15:21:41 UTC
Red Hat Product Errata  RHSA-2024:4633  0        None      None    None     2024-07-18 15:17:54 UTC
Red Hat Product Errata  RHSA-2024:5690  0        None      None    None     2024-08-21 11:53:39 UTC
Red Hat Product Errata  RHSA-2024:6576  0        None      None    None     2024-09-11 06:35:53 UTC
Red Hat Product Errata  RHSA-2024:7458  0        None      None    None     2024-10-01 15:51:46 UTC

Description Robb Gatica 2024-04-10 20:31:48 UTC
Details:
We received a report that a specially-crafted Kerberos AS-REQ packet can potentially cause a denial of service. Per the reporter: "A specially crafted Kerberos AS-REQ request may cause a failure on the directory server.

Tested FreeIPA version:
ipa-server-4.10.3

Steps to reproduce (see attachments):
1. Make request: kinit $(cat poc.txt)
2. Check krb5kdc log and ipactl status. (Directory Service: Stopped)

Comment 20 Sandipan Roy 2024-05-28 11:48:17 UTC
Created 389-ds-base tracking bugs for this issue:

Affects: fedora-all [bug 2283631]

Comment 21 errata-xmlrpc 2024-06-04 14:20:41 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2024:3591 https://access.redhat.com/errata/RHSA-2024:3591

Comment 22 errata-xmlrpc 2024-06-11 19:42:09 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:3837 https://access.redhat.com/errata/RHSA-2024:3837

Comment 23 errata-xmlrpc 2024-06-25 11:11:22 UTC
This issue has been addressed in the following products:

  Red Hat Directory Server 12.4 for RHEL 9

Via RHSA-2024:4092 https://access.redhat.com/errata/RHSA-2024:4092

Comment 24 errata-xmlrpc 2024-07-02 07:59:16 UTC
This issue has been addressed in the following products:

  Red Hat Directory Server 11.8 for RHEL 8

Via RHSA-2024:4209 https://access.redhat.com/errata/RHSA-2024:4209

Comment 25 errata-xmlrpc 2024-07-02 08:16:24 UTC
This issue has been addressed in the following products:

  Red Hat Directory Server 11.9 for RHEL 8

Via RHSA-2024:4210 https://access.redhat.com/errata/RHSA-2024:4210

Comment 26 errata-xmlrpc 2024-07-02 15:21:39 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:4235 https://access.redhat.com/errata/RHSA-2024:4235

Comment 27 errata-xmlrpc 2024-07-18 15:17:52 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:4633 https://access.redhat.com/errata/RHSA-2024:4633

Comment 28 errata-xmlrpc 2024-08-21 11:53:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:5690 https://access.redhat.com/errata/RHSA-2024:5690

Comment 29 errata-xmlrpc 2024-09-11 06:35:52 UTC
This issue has been addressed in the following products:

  Red Hat Directory Server 11.7 for RHEL 8

Via RHSA-2024:6576 https://access.redhat.com/errata/RHSA-2024:6576

Comment 30 errata-xmlrpc 2024-10-01 15:51:44 UTC
This issue has been addressed in the following products:

  Red Hat Directory Server 12.2 EUS for RHEL 9

Via RHSA-2024:7458 https://access.redhat.com/errata/RHSA-2024:7458
