Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Kerberos_5 | Mit | 1.14 (including) | 1.14 (including) |
| Kerberos_5 | Mit | 1.14-alpha1 (including) | 1.14-alpha1 (including) |
| Kerberos_5 | Mit | 1.14-beta1 (including) | 1.14-beta1 (including) |
| Kerberos_5 | Mit | 1.14-beta2 (including) | 1.14-beta2 (including) |
| Kerberos_5 | Mit | 1.14.1 (including) | 1.14.1 (including) |
| Kerberos_5 | Mit | 1.14.2 (including) | 1.14.2 (including) |
| Kerberos_5 | Mit | 1.14.3 (including) | 1.14.3 (including) |
| Kerberos_5 | Mit | 1.14.4 (including) | 1.14.4 (including) |
| Kerberos_5 | Mit | 1.14.5 (including) | 1.14.5 (including) |
| Kerberos_5 | Mit | 1.15 (including) | 1.15 (including) |
| Kerberos_5 | Mit | 1.15.1 (including) | 1.15.1 (including) |
| Kerberos_5 | Mit | 1.15.1-beta1 (including) | 1.15.1-beta1 (including) |
| Kerberos_5 | Mit | 1.15.1-beta2 (including) | 1.15.1-beta2 (including) |
| Krb5 | Ubuntu | artful | * |
| Krb5 | Ubuntu | precise/esm | * |
| Krb5 | Ubuntu | trusty | * |
| Krb5 | Ubuntu | vivid/ubuntu-core | * |
| Krb5 | Ubuntu | xenial | * |
| Krb5 | Ubuntu | zesty | * |