Critical severity9.8NVD Advisory· Published Sep 13, 2017· Updated Jun 17, 2026
CVE-2017-11462
CVE-2017-11462
Description
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
30cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:mit:kerberos_5:1.14:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14.2:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14.3:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14.4:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14.5:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14:alpha1:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14:beta1:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.14:beta2:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.15:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.15.1:*:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.15.1:beta1:*:*:*:*:*:*
- cpe:2.3:a:mit:kerberos_5:1.15.1:beta2:*:*:*:*:*:*
- (no CPE)
cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
- osv-coords13 versionspkg:rpm/opensuse/krb5&distro=openSUSE%20Tumbleweedpkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2pkg:rpm/suse/krb5&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 1.19.2-2.2+ 12 more
- (no CPE)range: < 1.19.2-2.2
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.6.3-133.49.113.7.1
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.6.3-133.49.113.7.1
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.6.3-133.49.113.7.1
- (no CPE)range: < 1.12.5-40.13.1
- (no CPE)range: < 1.12.5-40.13.1
Patches
Vulnerability mechanics
References
4- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party AdvisoryVDB Entry
- github.com/krb5/krb5/commit/56f7b1bc95a2a3eeb420e069e7655fb181ade5cfnvdPatchThird Party Advisory
- krbdev.mit.edu/rt/Ticket/Display.htmlnvdVendor Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2FPRUP4YVOEBGEROUYWZFEQ64HTMGNED/nvd
News mentions
0No linked articles in our index yet.