CVE-2021-36222
krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation.
La función ec_verify en el archivo kdc/kdc_preauth_ec.c en el Centro de Distribución de Claves (KDC) en MIT Kerberos 5 (también se conoce como krb5) versiones anteriores a 1.18.4 y versiones 1.19.x anteriores a 1.19.2, permite a atacantes remotos causar una desreferencia de puntero NULL y un bloqueo del daemon. Esto ocurre porque un valor de retorno no es manejado apropiadamente en una situación determinada
A flaw was found in krb5. This flaw allows an unauthenticated attacker to cause a NULL dereference in the KDC by sending a request containing a PA-ENCRYPTED-CHALLENGE padata element without using FAST. The highest threat from this vulnerability is to system availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-07-07 CVE Reserved
- 2021-07-22 CVE Published
- 2024-08-04 CVE Updated
- 2024-10-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| https://github.com/krb5/krb5/releases | Release Notes | |
| https://security.netapp.com/advisory/ntap-20211022-0003 | Third Party Advisory |
|
| https://security.netapp.com/advisory/ntap-20211104-0007 | Third Party Advisory |
|
| https://web.mit.edu/kerberos/advisories | Not Applicable |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562 | 2021-11-28 | |
| https://www.oracle.com/security-alerts/cpuoct2021.html | 2021-11-28 |
| URL | Date | SRC |
|---|---|---|
| https://www.debian.org/security/2021/dsa-4944 | 2021-11-28 | |
| https://access.redhat.com/security/cve/CVE-2021-36222 | 2021-09-21 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1983720 | 2021-09-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | < 1.18.4 Search vendor "Mit" for product "Kerberos 5" and version " < 1.18.4" | - |
Affected
| ||||||
| Mit Search vendor "Mit" | Kerberos 5 Search vendor "Mit" for product "Kerberos 5" | >= 1.19.0 < 1.19.2 Search vendor "Mit" for product "Kerberos 5" and version " >= 1.19.0 < 1.19.2" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | vmware_vsphere |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | windows |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Oncommand Insight Search vendor "Netapp" for product "Oncommand Insight" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Oncommand Workflow Automation Search vendor "Netapp" for product "Oncommand Workflow Automation" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Snapcenter Search vendor "Netapp" for product "Snapcenter" | - | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Server Search vendor "Oracle" for product "Mysql Server" | >= 8.0.0 <= 8.0.26 Search vendor "Oracle" for product "Mysql Server" and version " >= 8.0.0 <= 8.0.26" | - |
Affected
| ||||||