Skip Menu |

Subject: git commit

PKINIT null pointer deref [CVE-2013-1415]

Don't dereference a null pointer when cleaning up.

The KDC plugin for PKINIT can dereference a null pointer when a
malformed packet causes processing to terminate early, leading to
a crash of the KDC process. An attacker would need to have a valid
PKINIT certificate or have observed a successful PKINIT authentication,
or an unauthenticated attacker could execute the attack if anonymous
PKINIT is enabled.

CVSSv2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C

This is a minimal commit for pullup; style fixes in a followup.
[ reformat and edit commit message]

(cherry picked from commit c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed)
Author: Xi Wang <>
Committer: Tom Yu <>
Commit: 6b415d1471adc157eea319592a5fcc1c577876ce
Branch: krb5-1.9
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)