CVE-2007-5901

Publication date 5 December 2007

Last updated 24 July 2024

Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?
Patch details

Notes

kees

upstream did not publish a security update for this issue

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-924-1
Kerberos vulnerabilities
7 April 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2007-5901