CVE-2019-14844

Summary

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.

Affected Software

VendorProductVersion RangeStatus
MITkrb5Fedora versions of krb5 from 1.16.1 to, including 1.17.xaffected

Weaknesses

  • CWE-628: CWE-628

ADP Enrichment

CVE Program Container

Additional References

References