Reduce e-waste and achieve environmental protection: ​outdated iphone models – Security updates (14-06-2021)

Preface: To protect the safety of customers, Apple will not disclose, discuss or confirm security issues until the investigation is completed and patches or updated versions are provided.

My observations on CVE-2021-30737:

Background: PKINIT is a preauthentication mechanism for Kerberos 5 which uses X.509 certificates to authenticate the KDC to clients and vice versa.
PKINIT requires an X.509 certificate for the KDC and one for each client principal which will authenticate using PKINIT.

Vulnerability details:
A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code.
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 Generalized Time decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.

Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution.

Official announcement:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.