CVE Vulnerabilities

CVE-2024-37370

Published: Jun 28, 2024 | Modified: Aug 27, 2024
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
7.4 MODERATE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Ubuntu
MEDIUM

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.

Affected Software

Name Vendor Start Version End Version
Kerberos_5 Mit * 1.21.3 (excluding)
Red Hat Enterprise Linux 7.7 Advanced Update Support RedHat krb5-0:1.15.1-37.el7_7.4 *
Red Hat Enterprise Linux 7 Extended Lifecycle Support RedHat krb5-0:1.15.1-55.el7_9.2 *
Red Hat Enterprise Linux 8 RedHat krb5-0:1.18.2-29.el8_10 *
Red Hat Enterprise Linux 8.2 Advanced Update Support RedHat krb5-0:1.17-19.el8_2.1 *
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support RedHat krb5-0:1.18.2-9.el8_4.1 *
Red Hat Enterprise Linux 8.4 Telecommunications Update Service RedHat krb5-0:1.18.2-9.el8_4.1 *
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions RedHat krb5-0:1.18.2-9.el8_4.1 *
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support RedHat krb5-0:1.18.2-16.el8_6.1 *
Red Hat Enterprise Linux 8.6 Telecommunications Update Service RedHat krb5-0:1.18.2-16.el8_6.1 *
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions RedHat krb5-0:1.18.2-16.el8_6.1 *
Red Hat Enterprise Linux 8.8 Extended Update Support RedHat krb5-0:1.18.2-26.el8_8.2 *
Red Hat Enterprise Linux 9 RedHat krb5-0:1.21.1-2.el9_4 *
Red Hat Enterprise Linux 9 RedHat krb5-0:1.21.1-2.el9_4 *
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions RedHat krb5-0:1.19.1-16.el9_0.1 *
Red Hat Enterprise Linux 9.2 Extended Update Support RedHat krb5-0:1.20.1-9.el9_2.1 *
Service Interconnect 1.4 for RHEL 9 RedHat service-interconnect/skupper-config-sync-rhel9:1.4.7-2 *
Service Interconnect 1.4 for RHEL 9 RedHat service-interconnect/skupper-flow-collector-rhel9:1.4.7-2 *
Service Interconnect 1.4 for RHEL 9 RedHat service-interconnect/skupper-operator-bundle:1.4.7-2 *
Service Interconnect 1.4 for RHEL 9 RedHat service-interconnect/skupper-router-rhel9:2.4.3-6 *
Service Interconnect 1.4 for RHEL 9 RedHat service-interconnect/skupper-service-controller-rhel9:1.4.7-2 *
Service Interconnect 1.4 for RHEL 9 RedHat service-interconnect/skupper-site-controller-rhel9:1.4.7-2 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-config-sync-rhel9:1.5.5-3 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-controller-podman-container-rhel9:1.5.5-3 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-controller-podman-rhel9:1.5.5-3 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-flow-collector-rhel9:1.5.5-3 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-operator-bundle:1.5.5-3 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-router-rhel9:2.5.3-5 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-service-controller-rhel9:1.5.5-3 *
Service Interconnect 1 for RHEL 9 RedHat service-interconnect/skupper-site-controller-rhel9:1.5.5-3 *
Krb5 Ubuntu esm-apps/bionic *
Krb5 Ubuntu esm-infra-legacy/trusty *
Krb5 Ubuntu esm-infra/bionic *
Krb5 Ubuntu esm-infra/xenial *
Krb5 Ubuntu focal *
Krb5 Ubuntu jammy *
Krb5 Ubuntu mantic *
Krb5 Ubuntu noble *
Krb5 Ubuntu trusty/esm *
Krb5 Ubuntu upstream *

References