FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-28 07:09:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a6986f0f-3ac0-11ee-9a88-206a8a720317	krb5 -- Double-free in KDC TGS processing SO-AND-SO reports: When issuing a ticket for a TGS renew or validate request, copy only the server field from the outer part of the header ticket to the new ticket. Copying the whole structure causes the enc_part pointer to be aliased to the header ticket until krb5_encrypt_tkt_part() is called, resulting in a double-free if handle_authdata() fails.. Discovery 2023-08-07 Entry 2023-08-14 krb5 < 1.21.1_1 krb5-121 < 1.21.1_1 krb5-devel < 1.22.2023.08.07 CVE-2023-39975 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39975
3f3837cc-48fb-4414-aa46-5b1c23c9feae	krb5 -- Multiple vulnerabilities MIT reports: CVE-2017-11368: In MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request. CVE-2017-11462: RFC 2744 permits a GSS-API implementation to delete an existing security context on a second or subsequent call to gss_init_sec_context() or gss_accept_sec_context() if the call results in an error. This API behavior has been found to be dangerous, leading to the possibility of memory errors in some callers. For safety, GSS-API implementations should instead preserve existing security contexts on error until the caller deletes them. All versions of MIT krb5 prior to this change may delete acceptor contexts on error. Versions 1.13.4 through 1.13.7, 1.14.1 through 1.14.5, and 1.15 through 1.15.1 may also delete initiator contexts on error. Discovery 2017-07-14 Entry 2017-10-18 krb5 < 1.14.6 ge 1.15 lt 1.15.2 krb5-devel < 1.14.6 ge 1.15 lt 1.15.2 krb5-115 < 1.15.2 krb5-114 < 1.14.6 krb5-113 < 1.14.6 https://nvd.nist.gov/vuln/detail/CVE-2017-11368 https://krbdev.mit.edu/rt/Ticket/Display.html?id=8599 https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970 https://nvd.nist.gov/vuln/detail/CVE-2017-11462 https://krbdev.mit.edu/rt/Ticket/Display.html?id=8598 https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf CVE-2017-11368 CVE-2017-11462
094e4a5b-6511-11ed-8c5e-206a8a720317	krb5 -- Integer overflow vulnerabilities in PAC parsing MITKRB5-SA-2022-001 Vulnerabilities in PAC parsing: Due to an integer overflow vulnerabilities in PAC parsing An authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service. On 32-bit platforms an authenticated attacker may be able to cause heap corruption resulting in an RCE. Discovery 2022-11-05 Entry 2022-11-15 krb5 < 1.19.3_1 gt 1.20 lt 1.20_1 krb5-120 < 1.20_1 krb5-119 < 1.19.3_1 krb5-devel < 1.20.2022.11.03 CVE-2022-42898 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42898

VuXML ID

Description

a6986f0f-3ac0-11ee-9a88-206a8a720317

krb5 -- Double-free in KDC TGS processing

SO-AND-SO reports:

When issuing a ticket for a TGS renew or validate request, copy only the server field from the outer part of the header ticket to the new ticket. Copying the whole structure causes the enc_part pointer to be aliased to the header ticket until krb5_encrypt_tkt_part() is called, resulting in a double-free if handle_authdata() fails..

Discovery 2023-08-07
Entry 2023-08-14
krb5

< 1.21.1_1

krb5-121

< 1.21.1_1

krb5-devel

< 1.22.2023.08.07

CVE-2023-39975
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39975

3f3837cc-48fb-4414-aa46-5b1c23c9feae

krb5 -- Multiple vulnerabilities

MIT reports:

CVE-2017-11368:

In MIT krb5 1.7 and later, an authenticated attacker can cause an assertion failure in krb5kdc by sending an invalid S4U2Self or S4U2Proxy request.

CVE-2017-11462:

RFC 2744 permits a GSS-API implementation to delete an existing security context on a second or subsequent call to gss_init_sec_context() or gss_accept_sec_context() if the call results in an error. This API behavior has been found to be dangerous, leading to the possibility of memory errors in some callers. For safety, GSS-API implementations should instead preserve existing security contexts on error until the caller deletes them.

All versions of MIT krb5 prior to this change may delete acceptor contexts on error. Versions 1.13.4 through 1.13.7, 1.14.1 through 1.14.5, and 1.15 through 1.15.1 may also delete initiator contexts on error.

Discovery 2017-07-14
Entry 2017-10-18
krb5

< 1.14.6

ge 1.15 lt 1.15.2

krb5-devel

< 1.14.6

ge 1.15 lt 1.15.2

krb5-115

< 1.15.2

krb5-114

< 1.14.6

krb5-113

< 1.14.6

https://nvd.nist.gov/vuln/detail/CVE-2017-11368
https://krbdev.mit.edu/rt/Ticket/Display.html?id=8599
https://github.com/krb5/krb5/commit/ffb35baac6981f9e8914f8f3bffd37f284b85970
https://nvd.nist.gov/vuln/detail/CVE-2017-11462
https://krbdev.mit.edu/rt/Ticket/Display.html?id=8598
https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf
CVE-2017-11368
CVE-2017-11462

094e4a5b-6511-11ed-8c5e-206a8a720317

krb5 -- Integer overflow vulnerabilities in PAC parsing

MITKRB5-SA-2022-001 Vulnerabilities in PAC parsing:

Due to an integer overflow vulnerabilities in PAC parsing An authenticated attacker may be able to cause a KDC or kadmind process to crash by reading beyond the bounds of allocated memory, creating a denial of service.

On 32-bit platforms an authenticated attacker may be able to cause heap corruption resulting in an RCE.

Discovery 2022-11-05
Entry 2022-11-15
krb5

< 1.19.3_1

gt 1.20 lt 1.20_1

krb5-120

< 1.20_1

krb5-119

< 1.19.3_1

krb5-devel

< 1.20.2022.11.03

CVE-2022-42898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42898