author Greg Hudson <ghudson@mit.edu> 2020-10-31 17:07:05 -0400
committer Greg Hudson <ghudson@mit.edu> 2020-11-03 15:58:01 -0500
commit 207ad69c87cf1b5c047d6c0c0165e5afe29700a6
tree ea8aea6b4c8761415f1801e373e7138f39884f3d /src/aclocal.m4
parent dde8a92e44a879c326a6f13cef590460eb7b7fac
Add recursion limit for ASN.1 indefinite lengths

The libkrb5 ASN.1 decoder supports BER indefinite lengths. It computes the tag length using recursion; the lack of a recursion limit allows an attacker to overrun the stack and cause the process to crash. Reported by Demi Obenour.

CVE-2020-28196:

In MIT krb5 releases 1.11 and later, an unauthenticated attacker can cause a denial of service for any client or server to which it can send an ASN.1-encoded Kerberos message of sufficient length.

(cherry picked from commit 57415dda6cf04e73ffc3723be518eddfae599bfd)

ticket: 8959
version_fixed: 1.18.3

Diffstat (limited to 'src/aclocal.m4')
0 files changed, 0 insertions, 0 deletions
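
The kind of depth-limited recursion the commit message describes, as an added example that is not taken from the krb5 commit or code base: sizing a BER element whose indefinite-length contents may nest, with the recursion depth capped. The names `ber_element_size` and `MAX_DEPTH`, the limit of 32, and the sample bytes are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_DEPTH 32 /* assumed cap for this example */

/* Return the encoded size of the BER element at buf (header, contents and,
 * for the indefinite form, the end-of-contents octets), or 0 if the input is
 * malformed, truncated, or nested deeper than MAX_DEPTH.  Single-octet tags
 * only, to keep the example short. */
size_t ber_element_size(const uint8_t *buf, size_t len, int depth)
{
    size_t pos = 2, clen = 0, n, i;

    if (depth > MAX_DEPTH || len < 2 || (buf[0] & 0x1f) == 0x1f)
        return 0;
    if (buf[1] < 0x80) {                /* short definite form */
        clen = buf[1];
    } else if (buf[1] > 0x80) {         /* long definite form */
        n = buf[1] & 0x7f;
        if (n > sizeof(size_t) || n > len - 2)
            return 0;
        for (i = 0; i < n; i++)
            clen = (clen << 8) | buf[pos++];
    } else {                            /* 0x80: indefinite form */
        if (!(buf[0] & 0x20))           /* only valid on constructed types */
            return 0;
        /* Contents are child elements ended by 00 00.  A child may itself be
         * indefinite, so sizing it recurses; the depth check above bounds
         * stack use however deeply the input nests. */
        for (;;) {
            if (len - pos < 2)
                return 0;
            if (buf[pos] == 0 && buf[pos + 1] == 0)
                return pos + 2;
            n = ber_element_size(buf + pos, len - pos, depth + 1);
            if (n == 0)
                return 0;
            pos += n;
        }
    }
    return (clen > len - pos) ? 0 : pos + clen;
}

int main(void)
{
    /* Constructed sample: SEQUENCE (indefinite) { OCTET STRING "A" } */
    const uint8_t sample[] = { 0x30, 0x80, 0x04, 0x01, 0x41, 0x00, 0x00 };
    printf("%zu\n", ber_element_size(sample, sizeof(sample), 0));
}
```

Because every valid element is at least two octets long, a return value of 0 is an unambiguous error, and the caller can reject the message instead of descending further.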