Medium severity6.5NVD Advisory· Published Feb 13, 2016· Updated May 6, 2026

CVE-2015-8631

Description

Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (memory consumption) via a request specifying a NULL principal name.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/krb5/krb5/commit/83ed75feba32e46f736fcce0d96a0445f29b96c2nvdPatchThird Party Advisory
krbdev.mit.edu/rt/Ticket/Display.htmlnvdVendor Advisory
lists.opensuse.org/opensuse-updates/2016-02/msg00059.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-updates/2016-02/msg00110.htmlnvdMailing ListThird Party Advisory
rhn.redhat.com/errata/RHSA-2016-0493.htmlnvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2016-0532.htmlnvdThird Party Advisory
www.debian.org/security/2016/dsa-3466nvdThird Party Advisory
www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlnvdThird Party Advisory
www.securitytracker.com/id/1034916nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000