#VU56828 NULL pointer dereference in Kerberos 5 - CVE-2021-37750


| Updated: 2022-03-15

Vulnerability identifier: #VU56828

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-37750

CWE-ID: CWE-476

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Kerberos 5
Client/Desktop applications / Software for system administration

Vendor: MIT

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Key Distribution Center (KDC) in kdc/do_tgs_req.c. A remote user can pass specially crafted data via the FAST inner body that lacks a server field, trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Kerberos 5: 1.18 - 1.19.2

External links
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFCLW7D46E4VCREKKH453T5DA4XOLHU2/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Gentoo update for MIT krb5
SUSE update for krb5
Multiple vulnerabilities in IBM Watson Machine Learning Accelerator on Cloud Pak for Data
Multiple vulnerabilities in Dell PowerProtect Cyber Recovery
VMware Tanzu products update for Kerberos
Ubuntu update for krb5
SUSE update for krb5
Multiple vulnerabilities in Juniper Networks Session Smart Router
Denial of service in PowerSC
Multiple vulnerabilities in Red Hat Service Telemetry Framework