git.ipfire.org Git - thirdparty/krb5.git/commit

author	Xi Wang <xi.wang@gmail.com>
	Thu, 14 Feb 2013 23:17:40 +0000 (18:17 -0500)
committer	Tom Yu <tlyu@mit.edu>
	Fri, 22 Feb 2013 22:10:56 +0000 (17:10 -0500)
commit	dfa3dbb2f5c6d7d32d97c179f6c34e0dbb554111
tree	5ea6c0b223dacedbfdd944fa6e0a23d8a48d407f	tree
parent	6abd90b73b1f8abae9fcf42e89758348a40d1dc1	commit \| diff

PKINIT null pointer deref [CVE-2013-1415]

Don't dereference a null pointer when cleaning up.

The KDC plugin for PKINIT can dereference a null pointer when a
malformed packet causes processing to terminate early, leading to
a crash of the KDC process. An attacker would need to have a valid
PKINIT certificate or have observed a successful PKINIT authentication,
or an unauthenticated attacker could execute the attack if anonymous
PKINIT is enabled.

CVSSv2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C

This is a minimal commit for pullup; style fixes in a followup.
[kaduk@mit.edu: reformat and edit commit message]

(cherry picked from commit c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed)

ticket: 7577 (new)
version_fixed: 1.10.4
status: resolved