libkrb5.so is vulnerable to denial of service (DoS). A “NULL” string can be passed to the strlen
function of plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
, allowing a remote authenticated user acting as a compromised kadmin client to crash the application.
CPE | Name | Operator | Version |
---|---|---|---|
libkrb5.so | le | 26.0.0-7.7.0-6 | |
libkrb5.so | le | 26.0.0-7.7.0-6 |