Bugzilla – Bug 1216440
VUL-0: CVE-2023-5568: samba: heap buffer overflow with freshness tokens in the Heimdal KDC
Last modified: 2023-10-23 06:54:02 UTC
The KDC doesn’t allocate enough memory for the ‘heim_octet_string’ containing the freshness token. Potential denial of service and likely low impact. Patched in Samba 4.19.2. Reference: - https://www.samba.org/samba/history/samba-4.19.2.html - https://bugzilla.samba.org/show_bug.cgi?id=15491 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5568 https://github.com/samba-team/samba/commit/3280893ae80507e36653a0c7da03c82b88ece30b
Issue added in 4.19.0rc2, so only openSUSE:Factory is affected
(In reply to Thomas Leroy from comment #1) > Issue added in 4.19.0rc2, so only openSUSE:Factory is affected 4.19.2 has this fix. 4.19.2 already been submitted and already is in factory reassigning to sec team to close
(In reply to Noel Power from comment #2) > (In reply to Thomas Leroy from comment #1) > > Issue added in 4.19.0rc2, so only openSUSE:Factory is affected > > 4.19.2 has this fix. 4.19.2 already been submitted and already is in factory > > reassigning to sec team to close Thanks Noel. Closing