krb5 is vulnerable to denial of service. A NULL pointer dereference in the ec_verify
function in kdc/kdc_preauth_ec.c
allows remote attackers to cause a NULL pointer dereference and daemon crash.
github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
github.com/krb5/krb5/releases
secdb.alpinelinux.org/edge/main.yaml
secdb.alpinelinux.org/v3.12/main.yaml
secdb.alpinelinux.org/v3.13/main.yaml
secdb.alpinelinux.org/v3.14/main.yaml
security.netapp.com/advisory/ntap-20211022-0003/
security.netapp.com/advisory/ntap-20211104-0007/
web.mit.edu/kerberos/advisories/
www.debian.org/security/2021/dsa-4944
www.oracle.com/security-alerts/cpuoct2021.html