summaryrefslogtreecommitdiffstats
path: root/src/lib/gssapi/generic/util_buffer.c
diff options
context:
space:
mode:
authorTom Yu <tlyu@mit.edu>2012-07-31 22:45:08 -0400
committerTom Yu <tlyu@mit.edu>2012-08-01 13:42:26 -0400
commit3551501359c6d2396fa4779d378ae165f5b37242 (patch)
treed5d9c24305b0d2468d5b1f0f7de9d3cf18af2928 /src/lib/gssapi/generic/util_buffer.c
parentf6f5c680aa0a57f581e5f192cef46567cc7415e2 (diff)
downloadkrb5-3551501359c6d2396fa4779d378ae165f5b37242.tar.gz
krb5-3551501359c6d2396fa4779d378ae165f5b37242.tar.xz
krb5-3551501359c6d2396fa4779d378ae165f5b37242.zip
Fix KDC heap corruption vuln [CVE-2012-1015]
Fix KDC heap corruption vulnerability [MITKRB5-SA-2012-001 CVE-2012-1015]. The cleanup code in kdc_handle_protected_negotiation() in kdc_util.c could free an uninitialized pointer in some error conditions involving "similar" enctypes and a failure in krb5_c_make_checksum(). Additionally, adjust the handling of "similar" enctypes to avoid advertising enctypes that could lead to inadvertent triggering of this vulnerability (possibly in unpatched KDCs). Note that CVE-2012-1014 (also described in MITKRB5-SA-2012-001) only applies to the krb5-1.10 branch and doesn't affect the master branch or releases prior to krb5-1.10. ticket: 7225 (new) target_version: 1.9.5 tags: pullup
Diffstat (limited to 'src/lib/gssapi/generic/util_buffer.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2025-10-15 06:28:39 +0000