The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.39316
Percentile: 0.97132

CVSS Scoring

Mapped CWE(s)

• CWE-824 : Access of Uninitialized Pointer

Affected Products

• cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*
• cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
• cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
• cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
• cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
• cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

← Back to Home