High severity7.5NVD Advisory· Published Feb 13, 2016· Updated Jun 17, 2026
CVE-2015-8630
CVE-2015-8630
Description
The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by specifying KADM5_POLICY with a NULL policy name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:mit:kerberos_5:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.13.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.13.3:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*
- (no CPE)range: 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1
- osv-coords9 versionspkg:rpm/opensuse/krb5&distro=openSUSE%20Tumbleweedpkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 1.15-1.1+ 8 more
- (no CPE)range: < 1.15-1.1
- (no CPE)range: < 1.12.1-25.1
- (no CPE)range: < 1.12.1-25.1
- (no CPE)range: < 1.12.1-25.1
- (no CPE)range: < 1.12.1-25.1
- (no CPE)range: < 1.12.1-25.1
- (no CPE)range: < 1.12.1-25.1
- (no CPE)range: < 1.12.1-25.1
- (no CPE)range: < 1.12.1-25.1
Patches
Vulnerability mechanics
References
8- github.com/krb5/krb5/commit/b863de7fbf080b15e347a736fdda0a82d42f4f6bnvdPatch
- krbdev.mit.edu/rt/Ticket/Display.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00059.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-02/msg00110.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-0532.htmlnvd
- www.debian.org/security/2016/dsa-3466nvd
- www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlnvd
- www.securitytracker.com/id/1034915nvd
News mentions
0No linked articles in our index yet.