Bug 33344

Summary: krb5 new security issues CVE-2024-3737[01]
Product: Mageia Reporter: Nicolas Salguero <nicolas.salguero>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, herman.viaene, sysadmin-bugs
Version: 9Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA9-64-OK
Source RPM: krb5-1.20.1-1.1.mga9.src.rpm CVE: CVE-2024-37370, CVE-2024-37371
Status comment:

Description Nicolas Salguero 2024-07-01 09:05:02 CEST 
Those CVEs were announced here:
https://www.openwall.com/lists/oss-security/2024/06/28/5

The problem is solved with version 1.21.3 or with: https://github.com/krb5/krb5/commit/b0a2f8a5365f2eec3e27d78907de9f9d2c80505a

Mageia 9 is also affected.
Nicolas Salguero 2024-07-01 09:05:34 CEST

Whiteboard: (none) => MGA9TOO
CVE: (none) => CVE-2024-37370, CVE-2024-37371
Status comment: (none) => Fixed upstream in 1.21.3 and patch available from upstream
Source RPM: (none) => krb5-1.21.2-3.mga10.src.rpm

Comment 1 Nicolas Salguero 2024-07-01 14:13:39 CEST 
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. (CVE-2024-37370)

In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. (CVE-2024-37371)

References:
https://www.openwall.com/lists/oss-security/2024/06/28/5
========================

Updated packages in core/updates_testing:
========================
krb5-1.20.1-1.2.mga9
krb5-pkinit-1.20.1-1.2.mga9
krb5-server-1.20.1-1.2.mga9
krb5-server-ldap-1.20.1-1.2.mga9
krb5-workstation-1.20.1-1.2.mga9
lib(64)krb53-1.20.1-1.2.mga9
lib(64)krb53-devel-1.20.1-1.2.mga9

from SRPM:
krb5-1.20.1-1.2.mga9.src.rpm

Whiteboard: MGA9TOO => (none)
Source RPM: krb5-1.21.2-3.mga10.src.rpm => krb5-1.20.1-1.1.mga9.src.rpm
Status comment: Fixed upstream in 1.21.3 and patch available from upstream => (none)
Version: Cauldron => 9
Status: NEW => ASSIGNED
Assignee: bugsquad => qa-bugs

katnatek 2024-07-01 21:46:00 CEST

Keywords: (none) => advisory

Comment 2 Herman Viaene 2024-07-03 10:53:52 CEST 
MGA9-64 Plasma Wayland on HP-Pavillion
No installation issues.
Followed wiki with success, good to go.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA9-64-OK

Comment 3 Thomas Andrews 2024-07-03 14:09:45 CEST 
Validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Comment 4 Mageia Robot 2024-07-03 18:37:21 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0253.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED