[krbdev.mit.edu #9206] git commit

Greg Hudson via RT rt at krbdev.mit.edu
Thu Apr 23 18:25:57 EDT 2026


<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9206 >


Prevent read overrun in libkdb_ldap

In berval2tl_data(), reject inputs of length less than 2 to prevent an
integer underflow and subsequent read overrun.  (The security impact
is negligible as the attacker would have to control the KDB LDAP
server.)

[ghudson at mit.edu: wrote commit message]

(cherry picked from commit 2a5fd83d4436583f2ddc0e193269a4d800ee45c4)

https://github.com/krb5/krb5/commit/974a8875767a2f375669f84b176c7d98a7c85a20
Author: Sebastián Alba <sebasjosue84 at gmail.com>
Committer: Greg Hudson <ghudson at mit.edu>
Commit: 974a8875767a2f375669f84b176c7d98a7c85a20
Branch: krb5-1.22
 src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c | 3 +++
 1 file changed, 3 insertions(+)
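
The check described in the commit message, as an added C illustration that is not the krb5 source or the patch itself. It assumes a value laid out as a 2-byte big-endian type followed by contents, with a 16-bit length field; the names `typed_data`, `unchecked_length` and `decode_typed_data` are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record: 2-byte big-endian type, then the contents. */
struct typed_data {
    uint16_t type;
    uint16_t length;
    uint8_t *contents;
};

/* Length an unchecked decoder would compute: for in_len < 2 the unsigned
 * subtraction wraps, so a 1-byte input yields 65535 instead of an error,
 * and a copy of that many bytes would read past the end of the input. */
uint16_t unchecked_length(size_t in_len)
{
    return (uint16_t)(in_len - 2);
}

/* Hardened decoder: reject short inputs before subtracting the header size.
 * Returns 0 on success, EINVAL for malformed input, ENOMEM on allocation
 * failure.  On success the caller frees out->contents. */
int decode_typed_data(const uint8_t *in, size_t in_len, struct typed_data *out)
{
    if (in == NULL || out == NULL || in_len < 2)
        return EINVAL;
    if (in_len - 2 > UINT16_MAX)        /* would not fit the length field */
        return EINVAL;

    out->type = (uint16_t)((in[0] << 8) | in[1]);
    out->length = (uint16_t)(in_len - 2);
    out->contents = malloc(out->length ? out->length : 1);
    if (out->contents == NULL)
        return ENOMEM;
    memcpy(out->contents, in + 2, out->length);
    return 0;
}

int main(void)
{
    /* Constructed sample inputs, not real KDB data. */
    const uint8_t ok[] = { 0x00, 0x07, 'a', 'b', 'c' };
    const uint8_t truncated[] = { 0x00 };
    struct typed_data td;

    if (decode_typed_data(ok, sizeof(ok), &td) != 0)
        return 1;
    free(td.contents);
    return decode_typed_data(truncated, sizeof(truncated), &td) == EINVAL ? 0 : 1;
}
```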


