CVE Vulnerabilities

CVE-2015-2695

Release of Invalid Pointer or Reference

Published: Nov 09, 2015 | Modified: Feb 02, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
MEDIUM

lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call.

Weakness

The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.

Affected Software

Name Vendor Start Version End Version
Kerberos_5 Mit * 1.14 (excluding)
Krb5 Ubuntu precise *
Krb5 Ubuntu trusty *
Krb5 Ubuntu trusty/esm *
Krb5 Ubuntu upstream *
Krb5 Ubuntu vivid *
Krb5 Ubuntu vivid/stable-phone-overlay *
Krb5 Ubuntu vivid/ubuntu-core *
Krb5 Ubuntu wily *

Extended Description

This weakness can take several forms, such as:

Potential Mitigations

  • Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
  • For example, glibc in Linux provides protection against free of invalid pointers.

References