[Bug 2060666] Re: Memory leak in krb5 version 1.17
Ponnuvel Palaniyappan
2060666 at bugs.launchpad.net
Tue Apr 9 11:29:02 UTC 2024
** Changed in: krb5 (Ubuntu Focal)
Assignee: (unassigned) => Ponnuvel Palaniyappan (pponnuvel)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/2060666
Title:
Memory leak in krb5 version 1.17
Status in krb5 package in Ubuntu:
New
Status in krb5 source package in Focal:
New
Bug description:
Commit 1cd2821 altered the memory
management of krb5_gss_inquire_cred(), introducing defcred to act as
an owner pointer when the function must acquire a default credential.
The commit neglected to update the code to release the default cred
along the successful path. The old code does not trigger because
cred_handle is now reassigned, so the default credential is leaked.
The commit https://github.com/krb5/krb5/commit/098f874f3b50dd2c46c0a574677324b5f6f3a1a8 fixes the leak.
It's been part of newer krb5 releases (Jammy, and Noble have the releases with the fix). Bionic doesn't have the commit the introduced the memory leak.
So this fix needs to be backported to Focal (only).
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/2060666/+subscriptions
More information about the foundations-bugs
mailing list