Wind River Support Network

HomeDefectsLIN1023-6878
Fixed

LIN1023-6878 : Security Advisory - krb5 - CVE-2024-37371

Created: Jun 26, 2024    Updated: Sep 15, 2024
Resolved Date: Sep 4, 2024
Found In Version: 10.23.30.1
Fix Version: 10.23.30.13
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace

Description

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.

https://nvd.nist.gov/vuln/detail/CVE-2024-37371

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube