[3.7] heimdal: NULL pointer dereference via crafted UDP packets (CVE-2017-17439) (#8292) · Issues · alpine / aports

[3.7] heimdal: NULL pointer dereference via crafted UDP packets (CVE-2017-17439)

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet
containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in
that case, leading to a segmentation fault. This is related to the _kdc_as_rep function in kdc/kerberos5.c and
the der_length_visible_string function in lib/asn1/der_length.c.

References:

https://github.com/heimdal/heimdal/issues/353
https://nvd.nist.gov/vuln/detail/CVE-2017-17439

Patch:

https://github.com/heimdal/heimdal/commit/749d377fa357351a7bbba51f8aae72cdf0629592

(from redmine: issue id 8292, created on 2017-12-14, closed on 2018-01-02)

Relations:
- parent #8290 (closed)
Changesets:
- Revision 1061d3a8 on 2017-12-29T11:06:05Z:

main/heimdal: security fix (CVE-2017-17439)

Fixes #8292

Discussion
Designs

The one place for your designs

To enable design management, you'll need to meet the requirements. If you need help, reach out to our support team for assistance.