MIT Kerberos 5 Integer Overflow Vulnerability in kdb_log.c Resizing Function Allows Out-of-Bounds Write and Daemon Crash

Vulnerability

A vulnerability exists in MIT Kerberos 5 versions prior to 1.22 with incremental propagation enabled. An authenticated attacker can exploit an integer overflow caused by a large update size in the resize function of kdb_log.c. This overflow leads to an out-of-bounds write, potentially crashing the kadmind daemon.
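
Added example (not code from MIT Kerberos or from this advisory): a simplified C model of the bug class described above, a 32-bit size computation that wraps before its bounds check, shown beside a checked version. All names and constants (BLOCK, HEADER, MAX_LOG, size_unchecked, size_checked) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed constants for illustration; not taken from MIT krb5. */
#define BLOCK   2048u                     /* record rounding granularity */
#define HEADER  64u                       /* fixed log header size */
#define MAX_LOG (500u * 1024u * 1024u)    /* upper bound on the log size */

/* Unchecked: 32-bit arithmetic wraps, so a huge recsize can produce a small
 * total that passes the MAX_LOG test. Returns 0 on accept, -1 on reject. */
int size_unchecked(uint32_t entries, uint32_t recsize, uint32_t *out)
{
    uint32_t blocks = recsize / BLOCK + 1;
    uint32_t total = HEADER + entries * blocks * BLOCK;   /* may wrap */

    if (total > MAX_LOG)
        return -1;
    *out = total;
    return 0;
}

/* Checked: bound each factor by division before multiplying, so no
 * intermediate value can exceed MAX_LOG, let alone 2^32. */
int size_checked(uint32_t entries, uint32_t recsize, uint32_t *out)
{
    uint32_t blocks = recsize / BLOCK + 1;    /* at most 2^21, cannot wrap */
    uint32_t per_entry;

    if (entries == 0 || blocks > (MAX_LOG - HEADER) / BLOCK)
        return -1;
    per_entry = blocks * BLOCK;
    if (per_entry > (MAX_LOG - HEADER) / entries)
        return -1;
    *out = HEADER + entries * per_entry;
    return 0;
}

int main(void)
{
    uint32_t n = 0;
    int rc = size_unchecked(2500, 0xFFFFFFFFu, &n);

    printf("unchecked: rc=%d size=%u\n", rc, (unsigned)n);
    printf("checked:   rc=%d\n", size_checked(2500, 0xFFFFFFFFu, &n));
    return 0;
}
```

With these constructed constants, a record size of 0xFFFFFFFF makes the unchecked total wrap to 64 bytes and pass the limit, while the checked version rejects the same input.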

Impact

Exploitation of this vulnerability causes a crash of the kadmind daemon.

Reproduction

To reproduce this vulnerability, an authenticated attacker can send a large update size to the kadmind daemon, which triggers the integer overflow in the kdb_log.c resize function. The resulting out-of-bounds write will likely cause the kadmind process to crash.

Remediation

Users can upgrade to MIT Kerberos 5 version 1.18.3-6+deb11u6 to address this vulnerability.

Added: Jan 16, 2026, 6:24 PM
Updated: Jan 16, 2026, 7:51 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 2.5
exploitability: 4.2
remediation: 7.7
relevance: 2.1
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.