git.ipfire.org Git - thirdparty/samba.git/commit
CVE-2016-2126: auth/kerberos: only allow known checksum types in check_pac_checksum()
author Stefan Metzmacher <metze@samba.org>
Tue, 22 Nov 2016 16:08:46 +0000 (17:08 +0100)
committer Karolin Seeger <kseeger@samba.org>
Fri, 9 Dec 2016 09:59:16 +0000 (10:59 +0100)
commit ce31a69a32d2bd6975006e428afe4584f6b7bc43
tree de3210b4dbad7b1acc3e9bd4820c08312220ab32
parent 58586ceae7fe628453e6bffdc463d4309ced15fb

aes based checksums can only be checked with the
corresponding aes based keytype.

Otherwise we may trigger an undefined code path
deep in the kerberos libraries, which can lead to
segmentation faults.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12446

Signed-off-by: Stefan Metzmacher <metze@samba.org>
auth/kerberos/kerberos_pac.c
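
The allowlist described in the commit message, as an added example that is not the Samba patch or any code from this page: a hypothetical `pac_sig_precheck()` rejects unknown checksum types and AES checksums paired with a non-matching key before anything reaches the Kerberos library. It goes slightly beyond the message by also checking the checksum length; all names are illustrative, and accepting HMAC-MD5 with any key type and the 4-byte little-endian type header are assumptions of the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Wire values of the checksum types (RFC 3962, RFC 4757; -138 as uint32). */
#define CKSUM_HMAC_SHA1_96_AES128 0x0000000Fu
#define CKSUM_HMAC_SHA1_96_AES256 0x00000010u
#define CKSUM_HMAC_MD5            0xFFFFFF76u
/* Kerberos encryption type numbers for the key being used. */
enum { ETYPE_AES128 = 17, ETYPE_AES256 = 18, ETYPE_ARCFOUR_HMAC = 23 };

enum pac_check { PAC_OK, PAC_TRUNCATED, PAC_UNKNOWN_CKSUM,
                 PAC_KEY_MISMATCH, PAC_BAD_LENGTH };

/* Hypothetical helper: may this PAC signature buffer (4-byte little-endian
 * checksum type, then the checksum) be verified with a key of key_etype? */
enum pac_check pac_sig_precheck(const uint8_t *buf, size_t len, int key_etype)
{
    uint32_t type;
    size_t want;                    /* checksum size for the accepted type */
    if (buf == NULL || len < 4)
        return PAC_TRUNCATED;
    type = (uint32_t)buf[0] | (uint32_t)buf[1] << 8 |
           (uint32_t)buf[2] << 16 | (uint32_t)buf[3] << 24;
    switch (type) {
    case CKSUM_HMAC_MD5:            /* assumption: no key-type constraint */
        want = 16;
        break;
    case CKSUM_HMAC_SHA1_96_AES128: /* AES checksum needs the matching AES key */
        if (key_etype != ETYPE_AES128) return PAC_KEY_MISMATCH;
        want = 12;
        break;
    case CKSUM_HMAC_SHA1_96_AES256:
        if (key_etype != ETYPE_AES256) return PAC_KEY_MISMATCH;
        want = 12;
        break;
    default:                        /* anything else never reaches the library */
        return PAC_UNKNOWN_CKSUM;
    }
    return (len - 4 < want) ? PAC_BAD_LENGTH : PAC_OK;
}

int main(void)
{
    /* Constructed sample: AES256 checksum type followed by 12 zero bytes. */
    uint8_t sig[16] = { 0x10, 0x00, 0x00, 0x00 };
    printf("aes256 key: %d, rc4 key: %d\n", pac_sig_precheck(sig, sizeof sig,
           ETYPE_AES256), pac_sig_precheck(sig, sizeof sig, ETYPE_ARCFOUR_HMAC));
    return 0;
}
```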