user/krb5: CVE-2020-28196: ASN.1-encoded Kerberos message can cause unbounded recursion
Bugzilla ID | 374 |
Alias(es) | CVE-2020-28196 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2020-11-21 22:33:18 -0600 |
Modified | 2020-11-21 23:18:03 -0600 |
Status | UNCONFIRMED |
Version | 1.0-RC1 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
Package(s) | user/krb5 |
URL | https://nvd.nist.gov/vuln/detail/CVE-2020-28196 |
Description
CVE-2020-28196: https://nvd.nist.gov/vuln/detail/CVE-2020-28196
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3
allows unbounded recursion via an ASN.1-encoded Kerberos message
because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite
lengths lacks a recursion limit.
Fixed upstream in krb5 >= 1.18.3: https://github.com/krb5/krb5/commit/207ad69c87cf1b5c047d6c0c0165e5afe29700a6
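As an added example (not code from krb5, from this bug report or from the linked commit), a minimal BER value walker showing the mitigation the description calls for: indefinite-length contents are followed recursively, but the walk refuses once nesting exceeds a fixed limit, so an attacker-supplied message cannot drive the recursion as deep as it likes. The limit of 32, the function names and the constructed test input are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Nesting limit (value assumed for this example, not krb5's); bounds recursion. */
#define MAX_DEPTH 32
enum { BER_OK = 0, BER_TRUNCATED = -1, BER_TOO_DEEP = -2, BER_BAD = -3 };

/* Skip the BER TLV at buf[*pos] and advance *pos past it. Definite lengths are
 * skipped without recursing; only indefinite-length (0x80) contents recurse. */
int ber_skip(const uint8_t *buf, size_t len, size_t *pos, int depth)
{
    if (depth > MAX_DEPTH) return BER_TOO_DEEP;  /* attacker-chosen nesting */
    if (*pos + 2 > len) return BER_TRUNCATED;
    (*pos)++;                                    /* single-byte tag, unused */
    uint8_t lb = buf[(*pos)++];
    if (lb == 0x80) {                            /* indefinite length */
        for (;;) {
            if (*pos + 2 > len) return BER_TRUNCATED;
            if (buf[*pos] == 0x00 && buf[*pos + 1] == 0x00) {
                *pos += 2;                       /* end-of-contents */
                return BER_OK;
            }
            int rc = ber_skip(buf, len, pos, depth + 1);
            if (rc != BER_OK) return rc;
        }
    }
    size_t l = lb;
    if (lb & 0x80) {                             /* long-form definite length */
        int n = lb & 0x7f;
        if (n == 0 || n > (int)sizeof(size_t) || *pos + n > len) return BER_BAD;
        l = 0;
        for (int i = 0; i < n; i++) l = (l << 8) | buf[(*pos)++];
    }
    if (l > len - *pos) return BER_TRUNCATED;
    *pos += l;
    return BER_OK;
}

/* Constructed input: `levels` nested indefinite-length SEQUENCEs (30 80) around
 * a NULL (05 00), each closed by 00 00. Returns ber_skip's verdict. */
int check_nested(int levels)
{
    enum { MAXL = 64 }; uint8_t buf[4 * MAXL + 2];
    size_t n = 0, pos = 0;
    if (levels < 0 || levels > MAXL) return BER_BAD;
    for (int i = 0; i < levels; i++) { buf[n++] = 0x30; buf[n++] = 0x80; }
    buf[n++] = 0x05; buf[n++] = 0x00;
    for (int i = 0; i < levels; i++) { buf[n++] = 0x00; buf[n++] = 0x00; }
    return ber_skip(buf, n, &pos, 0);
}
```

Without the depth check, the same input with a few thousand levels would recurse once per `30 80` pair, which is the unbounded recursion the CVE describes.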