CVE-2014-5352Use After Free in Kerberos 5

CWE-416Use After Free13 documents9 sources
Severity
9.0CRITICALNVD
EPSS
5.4%
top 9.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
MIT Krb5MIT Kerberos 5
Timeline
PublishedFeb 19
Latest updateMay 13

Description

The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-context handles, which allows remote authenticated users to cause a denial of service (use-after-free and double free, and daemon crash) or possibly execute arbitrary code via crafted GSSAPI traffic, as demonstrated by traffic to kadmind.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages2 packages

Debianmit/krb5< 1.12.1+dfsg-17+3
NVDmit/kerberos_510 versions+9

🔴Vulnerability Details

4
GHSA
GHSA-vmgh-h88m-58mj: The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token2022-05-13
OSV
CVE-2014-5352: The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token2015-02-19
CVEList
CVE-2014-5352: The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token2015-02-19
OSV
krb5 vulnerabilities2015-02-10

📋Vendor Advisories

6
Ubuntu
Kerberos vulnerabilities2015-02-10
Red Hat
krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)2015-02-03
Debian
CVE-2014-5352: krb5 - The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_t...2014
Apple
CVE-2014-5352: iOS 8.1.3
Apple
CVE-2014-5352: Apple TV 7.0.3

💬Community

2
Bugzilla
CVE-2014-5352 CVE-2014-9421 CVE-2014-9423 CVE-2014-9422 krb5: various flaws [fedora-all]2015-02-03
Bugzilla
CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)2015-01-07
CVE-2014-5352 — Use After Free in MIT Kerberos 5 | cvebase