CVE-2017-11462
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
| Software | From | Fixed in |
|---|---|---|
| mit / kerberos_5 | 1.14-alpha1 | 1.14-alpha1.x |
| mit / kerberos_5 | 1.14-beta1 | 1.14-beta1.x |
| mit / kerberos_5 | 1.14-beta2 | 1.14-beta2.x |
| mit / kerberos_5 | 1.14 | 1.14.x |
| mit / kerberos_5 | 1.14.1 | 1.14.1.x |
| mit / kerberos_5 | 1.14.2 | 1.14.2.x |
| mit / kerberos_5 | 1.14.3 | 1.14.3.x |
| mit / kerberos_5 | 1.14.4 | 1.14.4.x |
| mit / kerberos_5 | 1.14.5 | 1.14.5.x |
| mit / kerberos_5 | 1.15 | 1.15.x |
| mit / kerberos_5 | 1.15.1-beta1 | 1.15.1-beta1.x |
| mit / kerberos_5 | 1.15.1 | 1.15.1.x |
| mit / kerberos_5 | 1.15.1-beta2 | 1.15.1-beta2.x |
| fedoraproject / fedora | 26 | 26.x |
| fedoraproject / fedora | 25 | 25.x |
- http://krbdev.mit.edu/rt/Ticket/Display.html?id=8598
- https://bugzilla.redhat.com/show_bug.cgi?id=1488873
- https://github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cf
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime