git.ipfire.org Git - thirdparty/samba.git/commit
CVE-2016-2126: auth/kerberos: only allow known checksum types in check_pac_checksum()
author Stefan Metzmacher <metze@samba.org>
Tue, 22 Nov 2016 16:08:46 +0000 (17:08 +0100)
committer Karolin Seeger <kseeger@samba.org>
Mon, 19 Dec 2016 09:52:16 +0000 (10:52 +0100)
commit b5cc9bd4b2bec4bfe26c554a50551d8fd9bb9f6e
tree cf9ac1c8e9d020b2aa5c5d197ef705247bd43366
parent e2c7a9f328ee0ef7111aaa0c4abd1fa12bc959fa
CVE-2016-2126: auth/kerberos: only allow known checksum types in check_pac_checksum()

aes based checksums can only be checked with the
corresponding aes based keytype.

Otherwise we may trigger an undefined code path
deep in the kerberos libraries, which can lead to
segmentation faults.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12446

Signed-off-by: Stefan Metzmacher <metze@samba.org>
auth/kerberos/kerberos_pac.c
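
The check the commit message describes, sketched as an added example; this is not the Samba patch or any code from the project. The function and constant names are hypothetical, the type numbers are those of RFC 3962 and RFC 4757, and two points go beyond the message and are assumptions: HMAC-MD5 is accepted with any key type, and the checksum type is decoded from the 4-byte little-endian field that starts a PAC signature buffer.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Type numbers from RFC 3962 (AES) and RFC 4757 (RC4-HMAC, HMAC-MD5). */
enum { CK_HMAC_MD5 = -138, CK_SHA1_AES128 = 15, CK_SHA1_AES256 = 16 };
enum { ET_AES128 = 17, ET_AES256 = 18, ET_ARCFOUR_HMAC = 23 };

/* Decode the 4-byte little-endian signature type that starts a PAC
 * signature buffer. Returns 0, or EINVAL when the buffer is too short. */
int pac_sig_type(const uint8_t *buf, size_t len, int32_t *type_out)
{
    if (buf == NULL || type_out == NULL || len < 4)
        return EINVAL;
    uint32_t raw = (uint32_t)buf[0] | ((uint32_t)buf[1] << 8) |
                   ((uint32_t)buf[2] << 16) | ((uint32_t)buf[3] << 24);
    /* Portable two's-complement decode: 0xFFFFFF76 becomes -138. */
    *type_out = raw <= INT32_MAX ? (int32_t)raw : -(int32_t)(~raw) - 1;
    return 0;
}

/* Allowlist: 0 when the pair may be passed to the Kerberos library,
 * EINVAL for unknown checksum types or an AES checksum with another key. */
int pac_cksum_key_allowed(int32_t cksumtype, int32_t keytype)
{
    switch (cksumtype) {
    case CK_HMAC_MD5:      /* assumption: not tied to one key type here */
        return 0;
    case CK_SHA1_AES128:
        return keytype == ET_AES128 ? 0 : EINVAL;
    case CK_SHA1_AES256:
        return keytype == ET_AES256 ? 0 : EINVAL;
    default:               /* anything else is rejected before verification */
        return EINVAL;
    }
}

int main(void)
{
    /* Constructed sample: signature type 16 (AES256) followed by padding. */
    const uint8_t sig[] = { 0x10, 0x00, 0x00, 0x00, 0xAA, 0xBB };
    int32_t type = 0;
    if (pac_sig_type(sig, sizeof(sig), &type) != 0)
        return 1;
    printf("type %d with AES256 key: %d\n", (int)type, pac_cksum_key_allowed(type, ET_AES256));
    printf("type %d with RC4 key:    %d\n", (int)type, pac_cksum_key_allowed(type, ET_ARCFOUR_HMAC));
    return 0;
}
```

Rejecting the pair before the verify call keeps mismatched or unknown types out of the library entirely, instead of relying on how it behaves for them.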