Wind River Support Network

HomeDefectsLIN1021-10106
Fixed

LIN1021-10106 : Security Advisory - krb5 - CVE-2024-37371

Created: Jun 26, 2024    Updated: Sep 26, 2024
Resolved Date: Sep 25, 2024
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

https://nvd.nist.gov/vuln/detail/CVE-2024-37371

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube