Synopsis

Moderate: krb5 security and bug fix update

Type/Severity

Security Advisory: Moderate

Topic

Updated krb5 packages that fix multiple security issues and two bugs are
now available for Red Hat Enterprise Linux 5.

Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

Description

Kerberos is an authentication system which allows clients and services to
authenticate to each other with the help of a trusted third party, a
Kerberos Key Distribution Center (KDC).

It was found that if a KDC served multiple realms, certain requests could
cause the setup_server_realm() function to dereference a NULL pointer.
A remote, unauthenticated attacker could use this flaw to crash the KDC
using a specially crafted request. (CVE-2013-1418, CVE-2013-6800)

A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO
acceptor for continuation tokens. A remote, unauthenticated attacker could
use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344)

A buffer over-read flaw was found in the way MIT Kerberos handled certain
requests. A man-in-the-middle attacker with a valid Kerberos ticket who is
able to inject packets into a client or server application's GSSAPI session
could use this flaw to crash the application. (CVE-2014-4341)

This update also fixes the following bugs:

• Prior to this update, the libkrb5 library occasionally attempted to free
  already freed memory when encrypting credentials. As a consequence, the
  calling process terminated unexpectedly with a segmentation fault.
  With this update, libkrb5 frees memory correctly, which allows the
  credentials to be encrypted appropriately and thus prevents the mentioned
  crash. (BZ#1004632)
  
• Previously, when the krb5 client library was waiting for a response from
  a server, the timeout variable in certain cases became a negative number.
  Consequently, the client could enter a loop while checking for responses.
  With this update, the client logic has been modified and the described
  error no longer occurs. (BZ#1089732)
  

All krb5 users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing the
updated packages, the krb5kdc daemon will be restarted automatically.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 1026942 - CVE-2013-1418 krb5: multi-realm KDC null dereference leads to crash
• BZ - 1031499 - CVE-2013-6800 krb5: KDC remote DoS (NULL pointer dereference and daemon crash)
• BZ - 1116180 - CVE-2014-4341 krb5: denial of service flaws when handling padding length longer than the plaintext
• BZ - 1121877 - CVE-2014-4344 krb5: NULL pointer dereference flaw in SPNEGO acceptor for continuation tokens

CVEs

• CVE-2013-1418
• CVE-2014-4341
• CVE-2014-4344
• CVE-2013-6800

References

• https://access.redhat.com/security/updates/classification/#moderate

Red Hat Enterprise Linux Server 5

SRPM
krb5-1.6.1-78.el5.src.rpm	SHA-256: 1c38344f37598efffef0aec4e94aa955f0a8777198523d82d2e8153d809ccd9a
x86_64
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-debuginfo-1.6.1-78.el5.x86_64.rpm	SHA-256: 92f0e25d11ff3045fa9bd459eb7151c0f872e7781f75c1d9a8e1aaca2b2cec28
krb5-devel-1.6.1-78.el5.i386.rpm	SHA-256: f4a865c26023f88f42b0b3f67c8b98fd4d195d2f2336d9182a5a6afc0a4ab92b
krb5-devel-1.6.1-78.el5.x86_64.rpm	SHA-256: 98e16904dff8ce1b1b07e449a3a372865643914e1a455c0ef045a93417e7e8d7
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-libs-1.6.1-78.el5.x86_64.rpm	SHA-256: 8dc1173590fd17258500f45a6739186ac037bbdce0905fddba121f2f31db29f0
krb5-server-1.6.1-78.el5.x86_64.rpm	SHA-256: bdeb4a163acf6d30de24b62ff2cc699bde5d1579054fb9f7eb4eb29b9224be5f
krb5-server-ldap-1.6.1-78.el5.x86_64.rpm	SHA-256: 8acf51dda7f51f5e21038d4bb6445d3652b9f4e94f4735cded48ff433e3da2a7
krb5-workstation-1.6.1-78.el5.x86_64.rpm	SHA-256: f8cd19284885dc215194625e781af9beacb28df31e90ba4494aae4d5c5b4f74d
ia64
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-debuginfo-1.6.1-78.el5.ia64.rpm	SHA-256: e3b21001b22c88178409497fe02f1d789a0f7cbd4141c00cb27ec85e860c9eb4
krb5-devel-1.6.1-78.el5.ia64.rpm	SHA-256: b77fd20e9eaa424b1a9136c7a277e145d94ffdba9124990eff51652dd9099b3a
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-libs-1.6.1-78.el5.ia64.rpm	SHA-256: e762aac95e007df8b15989f36de27f2e5add1f3288542880764990050dff989a
krb5-server-1.6.1-78.el5.ia64.rpm	SHA-256: c97959904df0f21958a9de3a6062b85394ef0c4a98178ae51a8516d98c649383
krb5-server-ldap-1.6.1-78.el5.ia64.rpm	SHA-256: cabb82f4dbaaf198e70bf0f15cc6a94cf61e6b42ee0973ca40c8fff134820f7b
krb5-workstation-1.6.1-78.el5.ia64.rpm	SHA-256: 5f95dd61c39b1d867c89f11e2783267fe6a24e1c2cbfee6a75f0afe90a3987c3
i386
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-devel-1.6.1-78.el5.i386.rpm	SHA-256: f4a865c26023f88f42b0b3f67c8b98fd4d195d2f2336d9182a5a6afc0a4ab92b
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-server-1.6.1-78.el5.i386.rpm	SHA-256: cbcb837b4f63a62d35b3a9a62c576c2edbc3e94083ec8dc7ceafb3bdd4448a1a
krb5-server-ldap-1.6.1-78.el5.i386.rpm	SHA-256: da25ccfc9f861a449ebc6e99600a60a6013575f0b179fcc05c16ec67acfd4447
krb5-workstation-1.6.1-78.el5.i386.rpm	SHA-256: 00fbebb8241f344cb7a9683ca3b58fe5c27a63dfa96ad9b4a38b921a5ddfc835

Red Hat Enterprise Linux Workstation 5

SRPM
krb5-1.6.1-78.el5.src.rpm	SHA-256: 1c38344f37598efffef0aec4e94aa955f0a8777198523d82d2e8153d809ccd9a
x86_64
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-debuginfo-1.6.1-78.el5.x86_64.rpm	SHA-256: 92f0e25d11ff3045fa9bd459eb7151c0f872e7781f75c1d9a8e1aaca2b2cec28
krb5-debuginfo-1.6.1-78.el5.x86_64.rpm	SHA-256: 92f0e25d11ff3045fa9bd459eb7151c0f872e7781f75c1d9a8e1aaca2b2cec28
krb5-devel-1.6.1-78.el5.i386.rpm	SHA-256: f4a865c26023f88f42b0b3f67c8b98fd4d195d2f2336d9182a5a6afc0a4ab92b
krb5-devel-1.6.1-78.el5.x86_64.rpm	SHA-256: 98e16904dff8ce1b1b07e449a3a372865643914e1a455c0ef045a93417e7e8d7
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-libs-1.6.1-78.el5.x86_64.rpm	SHA-256: 8dc1173590fd17258500f45a6739186ac037bbdce0905fddba121f2f31db29f0
krb5-server-1.6.1-78.el5.x86_64.rpm	SHA-256: bdeb4a163acf6d30de24b62ff2cc699bde5d1579054fb9f7eb4eb29b9224be5f
krb5-server-ldap-1.6.1-78.el5.x86_64.rpm	SHA-256: 8acf51dda7f51f5e21038d4bb6445d3652b9f4e94f4735cded48ff433e3da2a7
krb5-workstation-1.6.1-78.el5.x86_64.rpm	SHA-256: f8cd19284885dc215194625e781af9beacb28df31e90ba4494aae4d5c5b4f74d
i386
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-devel-1.6.1-78.el5.i386.rpm	SHA-256: f4a865c26023f88f42b0b3f67c8b98fd4d195d2f2336d9182a5a6afc0a4ab92b
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-server-1.6.1-78.el5.i386.rpm	SHA-256: cbcb837b4f63a62d35b3a9a62c576c2edbc3e94083ec8dc7ceafb3bdd4448a1a
krb5-server-ldap-1.6.1-78.el5.i386.rpm	SHA-256: da25ccfc9f861a449ebc6e99600a60a6013575f0b179fcc05c16ec67acfd4447
krb5-workstation-1.6.1-78.el5.i386.rpm	SHA-256: 00fbebb8241f344cb7a9683ca3b58fe5c27a63dfa96ad9b4a38b921a5ddfc835

Red Hat Enterprise Linux Desktop 5

SRPM
krb5-1.6.1-78.el5.src.rpm	SHA-256: 1c38344f37598efffef0aec4e94aa955f0a8777198523d82d2e8153d809ccd9a
x86_64
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-debuginfo-1.6.1-78.el5.x86_64.rpm	SHA-256: 92f0e25d11ff3045fa9bd459eb7151c0f872e7781f75c1d9a8e1aaca2b2cec28
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-libs-1.6.1-78.el5.x86_64.rpm	SHA-256: 8dc1173590fd17258500f45a6739186ac037bbdce0905fddba121f2f31db29f0
krb5-workstation-1.6.1-78.el5.x86_64.rpm	SHA-256: f8cd19284885dc215194625e781af9beacb28df31e90ba4494aae4d5c5b4f74d
i386
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-workstation-1.6.1-78.el5.i386.rpm	SHA-256: 00fbebb8241f344cb7a9683ca3b58fe5c27a63dfa96ad9b4a38b921a5ddfc835

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
krb5-1.6.1-78.el5.src.rpm	SHA-256: 1c38344f37598efffef0aec4e94aa955f0a8777198523d82d2e8153d809ccd9a
s390x
krb5-debuginfo-1.6.1-78.el5.s390.rpm	SHA-256: 6f81bc79582da1acc4addfa851eaf1428a91cdce6b545627f4dac4297649b0ee
krb5-debuginfo-1.6.1-78.el5.s390x.rpm	SHA-256: d43ae7e6461b9030db3c9f765c7f097dc0283ae71c03eb00d9f7c8f95815f41a
krb5-devel-1.6.1-78.el5.s390.rpm	SHA-256: c2e569c2a4bb2ea087846cf2c035b8896180a3fa7db64a73849b0d764a894400
krb5-devel-1.6.1-78.el5.s390x.rpm	SHA-256: 2a23f71c70537808961eba2fde1ddb3ed90a8943d9b51e4062e244637a79c3c9
krb5-libs-1.6.1-78.el5.s390.rpm	SHA-256: cf038749e0ef8be1b05c3a86226f131564eed66aec582951f6ea39304bc44a37
krb5-libs-1.6.1-78.el5.s390x.rpm	SHA-256: b0c00a293831ea687b02d6e5e2584efc4eb0bf0a585d16ef716dbd0ff1e2f0ae
krb5-server-1.6.1-78.el5.s390x.rpm	SHA-256: c76bd93fb1b5bc94339189aa4fa9b4fec54c964bbcad197eb6ca8e495def56c4
krb5-server-ldap-1.6.1-78.el5.s390x.rpm	SHA-256: d305a1b1f736d5f3dc35237059a8cad21a25701b46ced7477d0ecf257a3d7207
krb5-workstation-1.6.1-78.el5.s390x.rpm	SHA-256: c1dede63382fecd5c775fce6033490145a114acfe48e0345a6ce7e57c5fb41fa

Red Hat Enterprise Linux for Power, big endian 5

SRPM
krb5-1.6.1-78.el5.src.rpm	SHA-256: 1c38344f37598efffef0aec4e94aa955f0a8777198523d82d2e8153d809ccd9a
ppc
krb5-debuginfo-1.6.1-78.el5.ppc.rpm	SHA-256: 1670dcae5990b44752d904872b3c873543635b62c4224b5299a0f206bc475ced
krb5-debuginfo-1.6.1-78.el5.ppc64.rpm	SHA-256: 963f604ac8599957bf8ab01540d48c6629c1b8c6ced47a8130bc2c6c279e96ff
krb5-devel-1.6.1-78.el5.ppc.rpm	SHA-256: 09294b2456473373c86140f4b80b8bcf4e89ccbe2aedf0d1987e5d67d99c776c
krb5-devel-1.6.1-78.el5.ppc64.rpm	SHA-256: 19819e235bd327ae1abf6d5a8c041a62a7d270b3575d68db21c73565493c1b5e
krb5-libs-1.6.1-78.el5.ppc.rpm	SHA-256: 8099df96242cefbb002e6e68191f280c30293029a9b0f86505a7b6603be15059
krb5-libs-1.6.1-78.el5.ppc64.rpm	SHA-256: 69d0ba283843fd865a77331f2785c9aa4b917f4f9678e43bc266a248b065a67d
krb5-server-1.6.1-78.el5.ppc.rpm	SHA-256: ce48f18dea9fb596c929165611c8dbf5fe8b323e37fec891b17a749b69cc536c
krb5-server-ldap-1.6.1-78.el5.ppc.rpm	SHA-256: 4e5e17481b55d611be0213c20ec3deee08fb3f19f26168122710fb43028d2a3a
krb5-workstation-1.6.1-78.el5.ppc.rpm	SHA-256: 47359eb6b4c16a9db7c6a3ea15e3266eb4c55869003e6f555bf1a95d4fc6cc22

Red Hat Enterprise Linux Server from RHUI 5

SRPM
krb5-1.6.1-78.el5.src.rpm	SHA-256: 1c38344f37598efffef0aec4e94aa955f0a8777198523d82d2e8153d809ccd9a
x86_64
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-debuginfo-1.6.1-78.el5.x86_64.rpm	SHA-256: 92f0e25d11ff3045fa9bd459eb7151c0f872e7781f75c1d9a8e1aaca2b2cec28
krb5-devel-1.6.1-78.el5.i386.rpm	SHA-256: f4a865c26023f88f42b0b3f67c8b98fd4d195d2f2336d9182a5a6afc0a4ab92b
krb5-devel-1.6.1-78.el5.x86_64.rpm	SHA-256: 98e16904dff8ce1b1b07e449a3a372865643914e1a455c0ef045a93417e7e8d7
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-libs-1.6.1-78.el5.x86_64.rpm	SHA-256: 8dc1173590fd17258500f45a6739186ac037bbdce0905fddba121f2f31db29f0
krb5-server-1.6.1-78.el5.x86_64.rpm	SHA-256: bdeb4a163acf6d30de24b62ff2cc699bde5d1579054fb9f7eb4eb29b9224be5f
krb5-server-ldap-1.6.1-78.el5.x86_64.rpm	SHA-256: 8acf51dda7f51f5e21038d4bb6445d3652b9f4e94f4735cded48ff433e3da2a7
krb5-workstation-1.6.1-78.el5.x86_64.rpm	SHA-256: f8cd19284885dc215194625e781af9beacb28df31e90ba4494aae4d5c5b4f74d
i386
krb5-debuginfo-1.6.1-78.el5.i386.rpm	SHA-256: 69acc1a65412b277f628fee7f19de86f38992b355c108cc97a6c6166a1f02aad
krb5-devel-1.6.1-78.el5.i386.rpm	SHA-256: f4a865c26023f88f42b0b3f67c8b98fd4d195d2f2336d9182a5a6afc0a4ab92b
krb5-libs-1.6.1-78.el5.i386.rpm	SHA-256: 3b7585adba02d59dda849f4c4ca91b58b8f7ef343f69fcf6268350a1a072a466
krb5-server-1.6.1-78.el5.i386.rpm	SHA-256: cbcb837b4f63a62d35b3a9a62c576c2edbc3e94083ec8dc7ceafb3bdd4448a1a
krb5-server-ldap-1.6.1-78.el5.i386.rpm	SHA-256: da25ccfc9f861a449ebc6e99600a60a6013575f0b179fcc05c16ec67acfd4447
krb5-workstation-1.6.1-78.el5.i386.rpm	SHA-256: 00fbebb8241f344cb7a9683ca3b58fe5c27a63dfa96ad9b4a38b921a5ddfc835