enterprise-support team mailing list archive

[Bug 2060666] [NEW] Memory leak in krb5 version 1.17

 

Public bug reported:

Commit 1cd2821 altered the memory
management of krb5_gss_inquire_cred(), introducing defcred to act as
an owner pointer when the function must acquire a default credential.
The commit neglected to update the code to release the default cred
along the successful path.  The old code does not trigger because
cred_handle is now reassigned, so the default credential is leaked.

The commit https://github.com/krb5/krb5/commit/098f874f3b50dd2c46c0a574677324b5f6f3a1a8 fixes the leak.
It's been part of newer krb5 releases (Jammy and Noble have the releases with the fix). Bionic doesn't have the commit that introduced the memory leak.

So this fix needs to be backported to Focal (only).

** Affects: krb5 (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: krb5 (Ubuntu Focal)
     Importance: Undecided
     Assignee: Ponnuvel Palaniyappan (pponnuvel)
         Status: New


** Tags: sts

** Tags added: sts

** Also affects: krb5 (Ubuntu Focal)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to krb5 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2060666

Title:
  Memory leak in krb5 version 1.17

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/2060666/+subscriptions
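
The ownership bug described in the report, modeled as an added example (not krb5 source and not part of the original message). `cred_t`, the fixed-size pool and the `inquire_*` functions are hypothetical stand-ins, and releasing through the owner pointer in the fixed variant is an assumption about the shape of the fix, not a copy of the upstream commit.

```c
#include <stdio.h>
#include <string.h>
#define POOL 8   /* constructed: small fixed pool so leaked slots are countable */
typedef struct { int in_use; int lifetime; } cred_t;   /* hypothetical type */
static cred_t pool[POOL];

static cred_t *acquire_default_cred(void) {
    for (int i = 0; i < POOL; i++)
        if (!pool[i].in_use) { pool[i] = (cred_t){ 1, 3600 }; return &pool[i]; }
    return NULL;                            /* pool exhausted */
}
static void release_cred(cred_t **c) {      /* no-op when *c is NULL */
    if (*c) { (*c)->in_use = 0; *c = NULL; }
}

/* Shape described in the report: cleanup still tests the reassigned handle. */
int inquire_leaky(cred_t *cred_handle, int *lifetime) {
    cred_t *defcred = NULL;                 /* owner of any default credential */
    if (cred_handle == NULL) {
        if ((defcred = acquire_default_cred()) == NULL) return -1;
        cred_handle = defcred;              /* handle is reassigned here */
    }
    *lifetime = cred_handle->lifetime;
    if (cred_handle == NULL)                /* old test: can no longer be true */
        release_cred(&defcred);
    return 0;
}
/* Assumed fix shape: release through the owner pointer on the success path. */
int inquire_fixed(cred_t *cred_handle, int *lifetime) {
    cred_t *defcred = NULL;
    if (cred_handle == NULL) {
        if ((defcred = acquire_default_cred()) == NULL) return -1;
        cred_handle = defcred;
    }
    *lifetime = cred_handle->lifetime;
    release_cred(&defcred);                 /* NULL if the caller supplied the cred */
    return 0;
}
/* Calls inquire(NULL, ...) n times on an empty pool; returns slots still held. */
int leaked_after(int (*inquire)(cred_t *, int *), int n) {
    int lifetime = 0, held = 0;
    memset(pool, 0, sizeof pool);
    for (int i = 0; i < n; i++) inquire(NULL, &lifetime);
    for (int i = 0; i < POOL; i++) held += pool[i].in_use;
    return held;
}
int main(void) {
    printf("leaky=%d fixed=%d\n", leaked_after(inquire_leaky, 5), leaked_after(inquire_fixed, 5));
    return 0;
}
```

Once the leaky variant has filled the pool, further default-credential calls fail, which is how a per-call leak in a long-running service eventually surfaces.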