ALT-PU-2020-2345-1
Closed vulnerabilities
Published: 2019-09-26
BDU:2020-01056
Уязвимость реализации протокола Kerberos операционных систем Red Hat Enterprise Linux, Fedora, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2019-09-26
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-14844
A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14844
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14844
- https://github.com/krb5/krb5/pull/981
- https://github.com/krb5/krb5/pull/981
- FEDORA-2019-dc4e1d0fb6
- FEDORA-2019-dc4e1d0fb6
- FEDORA-2019-320a5a6a68
- FEDORA-2019-320a5a6a68
- FEDORA-2019-2323661e5f
- FEDORA-2019-2323661e5f
- https://security.netapp.com/advisory/ntap-20220325-0003/
- https://security.netapp.com/advisory/ntap-20220325-0003/