Advisories » MGASA-2021-0543

Updated heimdal packages fix security vulnerability

Publication date: 08 Dec 2021
Modification date: 08 Dec 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-3671

Description

A null pointer de-reference was found in the way samba kerberos server
handled missing sname in TGS-REQ (Ticket Granting Server - Request).
An authenticated user could use this flaw to crash a samba server using
heimdal
                

References

• https://bugs.mageia.org/show_bug.cgi?id=29658
• https://ubuntu.com/security/CVE-2021-3671
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671

SRPMS

8/core

• heimdal-7.7.0-5.1.mga8