Your message dated Thu, 02 Sep 2021 21:47:26 +0000
with message-id <[email protected]>
and subject line Bug#991140: fixed in krb5 1.17-3+deb10u3
has caused the Debian Bug report #991140,
regarding memory leak in krb5_gss_inquire_cred()
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
991140: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991140
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libgssapi-krb5-2
Version: 1.17-3+deb10u1
Severity: normal
Tags: patch upstream
I have recently stumbled upon a resource leak in this library. Here is my
one-line patch for it. As far as I can tell the problem was introduced ten
years ago and is still present in the latest upstream version. I have tested
this patch and it does seem to plug the leak I found.
Author: Sergio Gelato <[email protected]>
Date: Wed Jul 14 20:21:29 UTC 2021
Subject: Plug leak in krb5_gss_inquire_cred
Commit 1cd2821c19b2b95e39d5fc2f451a035585a40fa5 added an assignment to
cred_handle but didn't update the cleanup code accordingly. This results
in a leak on every call with GSS_C_NO_CREDENTIAL.
We solve this by analogy with the changes to krb5_gss_init_sec_context_ext()
and to the error cleanup block of krb5_gss_inquire_cred() by the same commit.
Index: krb5-1.17/src/lib/gssapi/krb5/inq_cred.c
===================================================================
--- krb5-1.17.orig/src/lib/gssapi/krb5/inq_cred.c 2019-01-08 17:02:37.000000000 +0100
+++ krb5-1.17/src/lib/gssapi/krb5/inq_cred.c 2021-07-14 22:19:40.022773499 +0200
@@ -197,8 +197,7 @@
mechs = GSS_C_NO_OID_SET;
}
- if (cred_handle == GSS_C_NO_CREDENTIAL)
- krb5_gss_release_cred(minor_status, (gss_cred_id_t *)&cred);
+ krb5_gss_release_cred(minor_status, &defcred);
krb5_free_context(context);
*minor_status = 0;
--- End Message ---
--- Begin Message ---
Source: krb5
Source-Version: 1.17-3+deb10u3
Done: Sam Hartman <[email protected]>
We believe that the bug you reported is fixed in the latest version of
krb5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sam Hartman <[email protected]> (supplier of updated krb5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 29 Aug 2021 16:23:02 -0600
Source: krb5
Architecture: source
Version: 1.17-3+deb10u3
Distribution: buster
Urgency: high
Maintainer: Sam Hartman <[email protected]>
Changed-By: Sam Hartman <[email protected]>
Closes: 991140 992607
Changes:
krb5 (1.17-3+deb10u3) buster; urgency=high
.
* Fix KDC null dereference crash on FAST request with no server field,
CVE-2021-37750, Closes: #992607
* Fix memory leak in krb5_gss_inquire_cred, Closes: #991140
Checksums-Sha1:
39e0f0a94638c45a1ac1a86076daefab4009e914 2968 krb5_1.17-3+deb10u3.dsc
00b7e65ab58ddb8b214757c4137a1266bd7752ce 103168
krb5_1.17-3+deb10u3.debian.tar.xz
adedd8124bdf8ae77cba417c6a3c37539eb1e646 4952
krb5_1.17-3+deb10u3_source.buildinfo
Checksums-Sha256:
002bf39a1c8d410c5acbf20294d31a1ed620e207d589c75e13a568fddd6295ce 2968
krb5_1.17-3+deb10u3.dsc
12d8d480d5fa1dcec99c8ce0d5e3f249da94ab959829d83ca5ff09376349b1e3 103168
krb5_1.17-3+deb10u3.debian.tar.xz
f0f31f058e5c5e0bcff167b04222660497953c48427b9ef82d9a3d787ce522c2 4952
krb5_1.17-3+deb10u3_source.buildinfo
Files:
7bbd885f7ecd18ce3adbcfd8872853d8 2968 net optional krb5_1.17-3+deb10u3.dsc
51f6b0d402c70668da7ecfdfdfa00a8c 103168 net optional
krb5_1.17-3+deb10u3.debian.tar.xz
0c9c1d7e27c91bfa8c11a93a3d121c36 4952 net optional
krb5_1.17-3+deb10u3_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQSj2jRwbAdKzGY/4uAsbEw8qDeGdAUCYSwTawAKCRAsbEw8qDeG
dIR3AQD3wBofMzGFvS/okwcd+z1gCFupK668h89LdSYxRpB8HgD/bZxhAnI018uK
9Hh2XcH+Av/rrwDLNXcjJlqFnE3RSg4=
=aIi6
-----END PGP SIGNATURE-----
--- End Message ---
