[OE-core] [PATCH] Fix S4U2Self KDC crash when anon is restricted
Richard Purdie
richard.purdie at linuxfoundation.org
Fri Aug 19 15:52:36 UTC 2016
On Wed, 2016-08-17 at 13:26 +0300, Alexandru Moise wrote:
> This is CVE-2016-3120
>
> The validate_as_request function in kdc_util.c in the Key Distribution
> Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before
> 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect
> client data structure, which allows remote authenticated users to cause
> a denial of service (NULL pointer dereference and daemon crash) via an
> S4U2Self request.
>
> Signed-off-by: Alexandru Moise <alexandru.moise at windriver.com>
> ---
> .../krb5/krb5/krb5-CVE-2016-3120.patch | 63 ++++++++++++++++++++++
> meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb | 1 +
> 2 files changed, 64 insertions(+)
> create mode 100644 meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3120.patch
This is a meta-oe patch which needs to go to the openembedded-devel
list and also needs a correct shortlog (which mentions it's fixing the krb5
recipe as a prefix).
Cheers,
Richard