CVE-2024-26462
Published: 29 February 2024
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.
Notes
Author | Note |
---|---|
mdeslaur | per upstream: "The ndr.c leak also affects an encoding function, and triggers if the input contains invalid UTF-8. This one might be triggerable by a request (though it may require elevated privilege), but I would not have requested a CVE for it myself." |