CVE-2007-2442 — Access of Uninitialized Pointer in Kerberos 5

CWE-824 — Access of Uninitialized Pointer8 documents8 sources

Severity

10.0CRITICALNVD

EPSS

42.6%

top 2.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

MIT Krb5 MIT Kerberos 5 Canonical Ubuntu Linux +1 more

Timeline

PublishedJun 26

Latest updateMay 3

Description

The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cleanup.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶Debianmit/krb5< 1.6.dfsg.1-5+3

▶NVDmit/kerberos_51.6.1

Also affects: Debian Linux 3.1, 4.0, Ubuntu Linux 6.06, 6.10, 7.04

Patches

Patch: web.mit.edu ↗Patch: web.mit.edu ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-6hfh-4j58-7r89: The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1↗2022-05-03

▶

CVEList

CVE-2007-2442: The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1↗2007-06-26

▶

OSV

CVE-2007-2442: The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1↗2007-06-26

▶

📋Vendor Advisories

Ubuntu

krb5 vulnerabilities↗2007-06-27

▶

Red Hat

krb5 RPC library unitialized pointer free↗2007-06-26

▶

Debian

CVE-2007-2442: krb5 - The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) ...↗2007

▶

💬Community

Bugzilla

CVE-2007-2442 krb5 RPC library unitialized pointer free↗2007-06-25

▶