Bug 1178764 - (CVE-2020-17049) VUL-0: CVE-2020-17049: krb5: undisclosed kerberos issue may affect kinit
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Hardware: x86-64, OS: SLES 12
Priority: P3 - Medium, Severity: Normal
Assigned To: Security Team bot
Blocks: 1178754
Reported: 2020-11-13 09:29 UTC by Alexander Bergmann
Modified: 2022-03-11 13:28 UTC
Found By: SUSE Technical Services
Services Priority: 500


Description Alexander Bergmann 2020-11-13 09:29:03 UTC
+++ This bug was initially created as a clone of Bug #1178754 +++

There is a new vulnerability that Microsoft exposed that is impacting token renewals using kinit. Microsoft is providing a patch on Windows Domain controllers:


At this point it appears the CVE details have yet to be disclosed,
and it's unclear whether there's a patch for Linux Kerberos clients.
However, Intel was wondering if there is an updated version of kinit to avoid this vulnerability.
Comment 1 Samuel Cabrero 2020-12-18 10:45:38 UTC
@Alexander, per comments in bsc#1178754 I think this can be closed, right?
Comment 2 Samuel Cabrero 2021-05-03 11:01:55 UTC
Reassigned to security team to evaluate closing it.
Comment 3 Marcus Meissner 2021-09-17 09:41:59 UTC
This issue only affects the Microsoft KDC, not the krb5 one.