Wind River Support Network

HomeDefectsLIN1019-13665
Fixed

LIN1019-13665 : Security Advisory - krb5 - CVE-2024-37371

Created: Jun 26, 2024    Updated: Sep 19, 2024
Resolved Date: Sep 18, 2024
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

https://nvd.nist.gov/vuln/detail/CVE-2024-37371

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube