The iakerbgssexportseccontext function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspecified other impact by interacting with an application that calls the gssexportsec_context function. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-2696.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-admin-server" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-admin-server-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-doc" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-gss-samples" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-gss-samples-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-kdc" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-kdc-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-kdc-ldap" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-kdc-ldap-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-locales" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-multidev" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-otp" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-otp-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-pkinit" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-pkinit-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-user" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "krb5-user-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libgssapi-krb5-2" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libgssapi-krb5-2-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libgssrpc4" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libgssrpc4-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libk5crypto3" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libk5crypto3-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkadm5clnt-mit9" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkadm5clnt-mit9-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkadm5srv-mit8" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkadm5srv-mit9" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkadm5srv-mit9-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkdb5-7" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkdb5-7-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrad-dev" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrad0" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrad0-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrb5-3" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrb5-3-dbgsym" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrb5-dbg" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrb5-dev" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrb5support0" }, { "binary_version": "1.12+dfsg-2ubuntu5.2", "binary_name": "libkrb5support0-dbgsym" } ] }