CVE-2020-10595 — CRITICAL (9.8)

Q: How severe is CVE-2020-10595?

CVE-2020-10595 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2020-10595?

Check the references section above for vendor advisories and patch information. Affected products include: Pam-Krb5 Project Pam-Krb5, Debian Debian Linux.

Vulnerability Description

pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Pam-Krb5 Project	Pam-Krb5	< 4.9
Debian	Debian Linux	8.0

Related Weaknesses (CWE)

CWE-120

References

http://www.openwall.com/lists/oss-security/2020/03/31/1Mailing ListPatchThird Party Advisory
https://github.com/rra/pam-krb5/commit/e7879e27a37119fad4faf133a9f70bdcdc75d760PatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/04/msg00000.htmlMailing ListThird Party Advisory
https://usn.ubuntu.com/4314-1/
https://www.debian.org/security/2020/dsa-4648Third Party Advisory
https://www.eyrie.org/~eagle/software/pam-krb5/security/2020-03-30.html
http://www.openwall.com/lists/oss-security/2020/03/31/1Mailing ListPatchThird Party Advisory
https://github.com/rra/pam-krb5/commit/e7879e27a37119fad4faf133a9f70bdcdc75d760PatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2020/04/msg00000.htmlMailing ListThird Party Advisory
https://usn.ubuntu.com/4314-1/
https://www.debian.org/security/2020/dsa-4648Third Party Advisory
https://www.eyrie.org/~eagle/software/pam-krb5/security/2020-03-30.html

FAQ

What is CVE-2020-10595?

CVE-2020-10595 is a vulnerability with a CVSS score of 9.8 (CRITICAL). pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlyi...

How severe is CVE-2020-10595?

CVE-2020-10595 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2020-10595?

Check the references section above for vendor advisories and patch information. Affected products include: Pam-Krb5 Project Pam-Krb5, Debian Debian Linux.